src/Controller/ResetPasswordController.php line 52

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\User;
  6. use App\Entity\UserProfile;
  7. use App\Form\ChangePasswordFormType;
  8. use App\Form\ResetPasswordRequestFormType;
  9. use Symfony\Bridge\Twig\Mime\TemplatedEmail;
  10. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  11. use Symfony\Component\HttpFoundation\RedirectResponse;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Mailer\MailerInterface;
  15. use Symfony\Component\Mime\Address;
  16. use Symfony\Component\Routing\Annotation\Route;
  17. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  18. use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
  19. use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
  20. use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
  21. use Symfony\Contracts\Translation\TranslatorInterface;
  22. use App\Utils\MailSpool;
  23. use App\Repository\TcMailLogRepository;
  24. use App\Command\ExecuteCommand;
  26. /**
  27.  * @Route("/reset-password")
  28.  */
  29. class ResetPasswordController extends AbstractController
  30. {
  31.     use ResetPasswordControllerTrait;
  33.     private $resetPasswordHelper;
  34.     private $translator;
  35.     private $mailSpool;
  36.     private $executeCommand;
  38.     public function __construct(ResetPasswordHelperInterface $resetPasswordHelperTranslatorInterface $translatorMailSpool $mailSpoolExecuteCommand $executeCommand)
  39.     {
  40.         $this->resetPasswordHelper $resetPasswordHelper;
  41.         $this->translator $translator;
  42.         $this->mailSpool $mailSpool;
  43.         $this->executeCommand $executeCommand;
  44.     }
  47.     /**
  48.      * Display & process form to request a password reset.
  49.      *
  50.      * @Route("", name="app_forgot_password_request")
  51.      */
  52.     public function request(Request $requestMailerInterface $mailer): Response
  53.     {
  54.         $form $this->createForm(ResetPasswordRequestFormType::class);
  55.         $form->handleRequest($request);
  57.         if ($form->isSubmitted() && $form->isValid()) {
  58.             return $this->processSendingPasswordResetEmail(
  59.                 $form->get('email')->getData(),
  60.                 $mailer
  61.             );
  62.         }
  64.         return $this->render('authentication/password_reset.html.twig', [
  65.             'requestForm' => $form->createView(),
  66.         ]);
  67.     }
  69.     /**
  70.      * Confirmation page after a user has requested a password reset.
  71.      *
  72.      * @Route("/check-email", name="app_check_email")
  73.      */
  74.     public function checkEmail(): Response
  75.     {
  76.         // Generate a fake token if the user does not exist or someone hit this page directly.
  77.         // This prevents exposing whether or not a user was found with the given email address or not
  78.         if (null === ($resetToken $this->getTokenObjectFromSession())) {
  79.             return $this->redirectToRoute('app_forgot_password_request');
  80.         }
  82.         return $this->render('authentication/check_email.html.twig', [
  83.             'resetToken' => $resetToken,
  84.         ]);
  85.     }
  87.     /**
  88.      * Validates and process the reset URL that the user clicked in their email.
  89.      *
  90.      * @Route("/reset/{token}", name="app_reset_password")
  91.      */
  92.     public function reset(Request $requestUserPasswordEncoderInterface $passwordEncoderstring $token null): Response
  93.     {
  94.         if ($token) {
  95.             // We store the token in session and remove it from the URL, to avoid the URL being
  96.             // loaded in a browser and potentially leaking the token to 3rd party JavaScript.
  97.             $this->storeTokenInSession($token);
  99.             return $this->redirectToRoute('app_reset_password');
  100.         }
  102.         $token $this->getTokenFromSession();
  103.         if (null === $token) {
  104.             throw $this->createNotFoundException('No reset password token found in the URL or in the session.');
  105.         }
  107.         try {
  108.             $user $this->resetPasswordHelper->validateTokenAndFetchUser($token);
  109.         } catch (ResetPasswordExceptionInterface $e) {
  110.             $this->addFlash('reset_password_error'sprintf(
  111.                 $e->getReason()
  112.             ));
  114.             return $this->redirectToRoute('app_forgot_password_request');
  115.         }
  117.         // The token is valid; allow the user to change their password.
  118.         $form $this->createForm(ChangePasswordFormType::class);
  119.         $form->handleRequest($request);
  121.         if ($form->isSubmitted() && $form->isValid()) {
  122.             // A password reset token should be used only once, remove it.
  123.             $this->resetPasswordHelper->removeResetRequest($token);
  125.             // Encode the plain password, and set it.
  126.             $encodedPassword $passwordEncoder->encodePassword(
  127.                 $user,
  128.                 $form->get('plainPassword')->getData()
  129.             );
  131.             $user->setPassword($encodedPassword);
  132.             $this->getDoctrine()->getManager()->flush();
  134.             // The session is cleaned up after the password has been changed.
  135.             $this->cleanSessionAfterReset();
  137.             return $this->redirectToRoute('app_landing_page');
  138.         }
  140.         return $this->render('authentication/new_password.html.twig', [
  141.             'resetForm' => $form->createView(),
  142.         ]);
  143.     }
  145.     private function processSendingPasswordResetEmail(string $emailFormDataMailerInterface $mailer): RedirectResponse
  146.     {
  147.         $user $this->getDoctrine()->getRepository(User::class)->findOneBy([
  148.             'email' => $emailFormData,
  149.         ]);
  150.         // Do not reveal whether a user account was found or not.
  151.         if (!$user) {
  152.             $this->addFlash('reset_password_error'sprintf(
  153.                 'Email could not found. Please use your registered email id'
  154.             ));
  155.             return $this->redirectToRoute('app_forgot_password_request');
  156.         }
  158.         try {
  159.             $resetToken $this->resetPasswordHelper->generateResetToken($user);
  160.         } catch (ResetPasswordExceptionInterface $e) {
  161.             // If you want to tell the user why a reset email was not sent, uncomment
  162.             // the lines below and change the redirect to 'app_forgot_password_request'.
  163.             // Caution: This may reveal if a user is registered or not.
  165.             $this->addFlash('reset_password_error'sprintf(
  166.                 $e->getReason()
  167.             ));
  169.             return $this->redirectToRoute('app_forgot_password_request');
  170.         }
  172.         $users $this->getDoctrine()->getRepository(UserProfile::class)->findOneBy([
  173.             'user' => $user->getId(),
  174.         ]);
  176.         $details['firstname']=$users->getFirstName();
  177.         $details['lastname']=$users->getLastName();
  178.         $mail $this->getParameter('mail');
  179.       
  180.         $email = (new TemplatedEmail())
  181.             ->from(new Address($mail['mail_from'],$mail['mailer']))
  182.             ->to($user->getEmail())
  183.             ->subject('Your password reset request')
  184.             ->htmlTemplate('reset_password/email.html.twig')
  185.             ->context([
  186.                 'resetToken' => $resetToken,'detail' => $details
  187.             ])
  188.         ;
  190.         $mailer->send($email);
  192.         // Store the token object in session for retrieval in check-email route.
  193.         $this->setTokenObjectInSession($resetToken);
  194.         $mailSend = [];
  195.         $mailSend['user_id'] = $user->getId();
  196.         $mailSend['mail_type'] = "reset_password";
  197.         $mailSend['email'] = $mail['mail_to'];
  198.         $mailSend['email_template'] = "email.html.twig";
  199.         $mailSend['subject'] = "reset password";
  200.         $mailData $this->mailSpool->insertIntoSpool($mailSend);
  201.         $this->executeCommand->processShellCmd('mail:send');
  203.         return $this->redirectToRoute('app_check_email');
  204.     }
  205. }