src/Controller/ResetPasswordController.php line 90

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\User;
  6. use App\Event\PortalUserEvent;
  7. use App\Factory\Platform\MailerFactory;
  8. use App\Form\Type\ChangePasswordFormType;
  9. use App\Form\Type\ResetPasswordRequestFormType;
  10. use App\Services\Common\Email\MailTypes;
  11. use App\Services\Common\MailerService;
  12. use App\Services\Common\User\WorkflowUser;
  13. use App\Services\DTV\YamlConfig\YamlReader;
  14. use App\Services\Portal\PortalService;
  15. use Doctrine\ORM\EntityManagerInterface;
  16. use Exception;
  17. use Psr\Log\LoggerInterface;
  18. use ReflectionException;
  19. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  20. use Symfony\Component\HttpFoundation\RedirectResponse;
  21. use Symfony\Component\HttpFoundation\Request;
  22. use Symfony\Component\HttpFoundation\Response;
  23. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  24. use Symfony\Component\Routing\Annotation\Route;
  25. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  26. use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
  27. use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
  28. use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
  29. use Symfony\Contracts\Translation\TranslatorInterface;
  30. use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
  31. use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
  32. use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
  34. /**
  35. * Controller pour la gestion de la réinitialisation du mot de passe
  36. *
  37. * @Route("/reset-password")
  38. */
  39. class ResetPasswordController extends AbstractController
  40. {
  41. use ResetPasswordControllerTrait;
  43. private ResetPasswordHelperInterface $resetPasswordHelper;
  44. private LoggerInterface $logger;
  45. private MailerService $mailerService;
  46. private YamlReader $yamlReader;
  47. private EntityManagerInterface $em;
  48. private PortalService $portalService;
  49. private EventDispatcherInterface $dispatcher;
  50. private TranslatorInterface $translator;
  51. private WorkflowUser $workflowUser;
  53. public function __construct(
  54. ResetPasswordHelperInterface $resetPasswordHelper,
  55. LoggerInterface $logger,
  56. MailerService $mailerService,
  57. YamlReader $yamlReader,
  58. EntityManagerInterface $em,
  59. PortalService $portalService,
  60. EventDispatcherInterface $dispatcher,
  61. TranslatorInterface $translator,
  62. WorkflowUser $workflowUser
  63. ) {
  64. $this->resetPasswordHelper = $resetPasswordHelper;
  65. $this->logger = $logger;
  66. $this->mailerService = $mailerService;
  67. $this->yamlReader = $yamlReader;
  68. $this->em = $em;
  69. $this->portalService = $portalService;
  70. $this->dispatcher = $dispatcher;
  71. $this->translator = $translator;
  72. $this->workflowUser = $workflowUser;
  73. }
  76. /**
  77. * Affiche et traite le formulaire de demande de réinitialisation du mot de passe.
  78. *
  79. * @Route("", name="app_forgot_password_request")
  80. *
  81. * @param Request $request
  82. *
  83. * @return Response
  84. *
  85. * @throws ClientExceptionInterface
  86. * @throws RedirectionExceptionInterface
  87. * @throws ReflectionException
  88. * @throws ServerExceptionInterface
  89. */
  90. public function request(Request $request): Response
  91. {
  92. $form = $this->createForm(ResetPasswordRequestFormType::class);
  93. $form->handleRequest($request);
  95. if ($form->isSubmitted() && $form->isValid()) {
  96. return $this->processSendingPasswordResetEmail(
  97. $form->get('email')->getData(),
  98. );
  99. }
  102. return $this->render('security/request.html.twig', [
  103. 'requestForm' => $form->createView(),
  104. ]);
  105. }
  108. /**
  109. * Redirige vers la page de vérification de l'e-mail.
  110. *
  111. * @param string $emailFormData
  112. *
  113. * @return RedirectResponse
  114. *
  115. * @throws ReflectionException
  116. * @throws ClientExceptionInterface
  117. * @throws RedirectionExceptionInterface
  118. * @throws ServerExceptionInterface
  119. * @throws Exception
  120. */
  121. private function processSendingPasswordResetEmail(string $emailFormData): RedirectResponse
  122. {
  123. $user = $this->em->getRepository(User::class)->findOneBy(
  124. [
  125. 'email' => $emailFormData,
  126. ],
  127. );
  130. // Do not reveal whether a user account was found or not.
  131. if ($user === NULL) {
  132. return $this->redirectToRoute('app_check_email');
  133. }
  135. $mailer = $this->yamlReader->getMailer();
  137. // Check les CGU
  138. if (is_null($user->getCguAt()) && $user->getStatus() === User::STATUS_CGU_PENDING) {
  139. $this->workflowUser->resendCGU($user);
  141. $this->addFlash(
  142. 'danger',
  143. $this->translator->trans(
  144. "cgu_pending_message %contact_email%",
  145. ["%contact_email%" => $mailer[ 'contact_email' ]]
  146. )
  147. );
  149. return $this->redirectToRoute('app_login');
  150. }
  152. try {
  153. $resetToken = $this->resetPasswordHelper->generateResetToken($user);
  154. } catch (ResetPasswordExceptionInterface $e) {
  155. // If you want to tell the user why a reset email was not sent, uncomment
  156. // the lines below and change the redirect to 'app_forgot_password_request'.
  157. // Caution: This may reveal if a user is registered or not.
  159. $this->addFlash(
  160. 'reset_password_error',
  161. 'il y a eu un problème lors du traitement de votre demande de réinitialisation du mot de passe - ' . $e->getReason(
  162. ),
  163. );
  165. return $this->redirectToRoute('app_check_email');
  166. }
  168. $this->mailerService->createApiMailRequest(MailTypes::RESET_PASSWORD)
  169. ->addRecipientToRequest(
  170. $user,
  171. MailerFactory::buildResetPassword($resetToken->getToken()),
  172. )
  173. ->send()
  174. ;
  176. // Store the token object in session for retrieval in check-email route.
  177. $this->setTokenObjectInSession($resetToken);
  179. return $this->redirectToRoute('app_check_email');
  180. }
  183. /**
  184. * Page de confirmation après qu'un utilisateur a demandé une réinitialisation du mot de passe.
  185. *
  186. * @Route("/check-email", name="app_check_email")
  187. */
  188. public function checkEmail(): Response
  189. {
  190. return $this->render('security/check_email.html.twig', [
  191. 'resetToken' => $this->getTokenObjectFromSession(),
  192. ]);
  193. }
  196. /**
  197. * Valide et traite l'URL de réinitialisation que l'utilisateur a cliqué dans son e-mail.
  198. *
  199. * @Route("/reset/{token}", name="app_reset_password")
  200. */
  201. public function reset(Request $request, UserPasswordHasherInterface $passwordEncoder, string $token = NULL): Response
  202. {
  203. if ($token) {
  204. // We store the token in session and remove it from the URL, to avoid the URL being
  205. // loaded in a browser and potentially leaking the token to 3rd party JavaScript.
  206. $this->storeTokenInSession($token);
  208. return $this->redirectToRoute('app_reset_password');
  209. }
  211. $token = $this->getTokenFromSession();
  212. if (NULL === $token) {
  213. throw $this->createNotFoundException('No reset password token found in the URL or in the session.');
  214. }
  216. try {
  217. /** @var User $user */
  218. $user = $this->resetPasswordHelper->validateTokenAndFetchUser($token);
  219. } catch (ResetPasswordExceptionInterface $e) {
  220. $this->addFlash(
  221. 'reset_password_error',
  222. $this->translator->trans(
  223. 'il y a eu un problème lors de la validation de votre demande de réinitialisation - %s %reason%',
  224. ['%reason%' => $e->getReason()]
  225. ),
  226. );
  228. return $this->redirectToRoute('app_forgot_password_request');
  229. }
  231. // The token is valid; allow the user to change their password.
  232. $form = $this->createForm(ChangePasswordFormType::class);
  233. $form->handleRequest($request);
  235. if ($form->isSubmitted() && $form->isValid()) {
  236. $isPortal = $this->portalService->isOnPortal();
  238. // A password reset token should be used only once, remove it.
  239. $this->resetPasswordHelper->removeResetRequest($token);
  241. // Encode the plain password, and set it.
  242. $encodedPassword = $passwordEncoder->hashPassword(
  243. $user,
  244. $form->get('plainPassword')->getData(),
  245. );
  247. // Si on est sur un portail (parent), on propage le nouveau mot de passe sur tous les sites enfants
  248. if ($isPortal && $this->portalService->isAParent()) {
  249. $user->setPlainPassword($form->get('plainPassword')->getData());
  250. $portalUserEvent = new PortalUserEvent($user);
  251. $this->dispatcher->dispatch($portalUserEvent, $portalUserEvent::NAME);
  252. }
  254. $user->setPassword($encodedPassword);
  255. $user->setFailedAttempts(0);
  256. $user->setLastFailedAttempt(null);
  257. $this->em->flush();
  259. // The session is cleaned up after the password has been changed.
  260. $this->cleanSessionAfterReset();
  262. $this->addFlash(
  263. 'success',
  264. $this->translator->trans('votre nouveau mot de passe a bien été enregistré !')
  265. );
  267. return $this->redirectToRoute('app_login');
  268. }
  270. return $this->render('security/reset.html.twig', [
  271. 'resetForm' => $form->createView(),
  272. ]);
  273. }
  276. /**
  277. * Indique si on doit mettre à jour le mot de passe de l'utilisateur
  278. *
  279. * @Route("/{id}", name="app_need_refresh_password")
  280. *
  281. *
  282. * @param User $user
  283. *
  284. * @return Response
  285. *
  286. * @throws ClientExceptionInterface
  287. * @throws RedirectionExceptionInterface
  288. * @throws ReflectionException
  289. * @throws ServerExceptionInterface
  290. * @throws Exception
  291. * @throws Exception
  292. */
  293. public function needRefreshPassword(User $user): Response
  294. {
  295. try {
  296. $resetToken = $this->resetPasswordHelper->generateResetToken($user);
  297. } catch (ResetPasswordExceptionInterface $e) {
  298. return $this->render('security/need_refresh_password.html.twig');
  299. }
  301. $this->mailerService->createApiMailRequest(MailTypes::RESET_PASSWORD)
  302. ->addRecipientToRequest(
  303. $user,
  304. MailerFactory::buildResetPassword(
  305. $resetToken->getToken(),
  306. ),
  307. )
  308. ->send()
  309. ;
  311. // Store the token object in session for retrieval in check-email route.
  312. $this->setTokenObjectInSession($resetToken);
  314. return $this->render('security/need_refresh_password.html.twig', [
  315. 'resetToken' => $resetToken,
  316. ]);
  317. }
  318. }