src/Controller/ResetPasswordController.php line 90

Open in your IDE?
  1. <?php
  3.     namespace App\Controller;
  5.     use App\Entity\User;
  6.     use App\Event\PortalUserEvent;
  7.     use App\Factory\Platform\MailerFactory;
  8.     use App\Form\Type\ChangePasswordFormType;
  9.     use App\Form\Type\ResetPasswordRequestFormType;
  10.     use App\Services\Common\Email\MailTypes;
  11.     use App\Services\Common\MailerService;
  12.     use App\Services\Common\User\WorkflowUser;
  13.     use App\Services\DTV\YamlConfig\YamlReader;
  14.     use App\Services\Portal\PortalService;
  15.     use Doctrine\ORM\EntityManagerInterface;
  16.     use Exception;
  17.     use Psr\Log\LoggerInterface;
  18.     use ReflectionException;
  19.     use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  20.     use Symfony\Component\HttpFoundation\RedirectResponse;
  21.     use Symfony\Component\HttpFoundation\Request;
  22.     use Symfony\Component\HttpFoundation\Response;
  23.     use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  24.     use Symfony\Component\Routing\Annotation\Route;
  25.     use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  26.     use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
  27.     use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
  28.     use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
  29.     use Symfony\Contracts\Translation\TranslatorInterface;
  30.     use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
  31.     use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
  32.     use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
  34.     /**
  35.      * Controller pour la gestion de la réinitialisation du mot de passe
  36.      *
  37.      * @Route("/reset-password")
  38.      */
  39.     class ResetPasswordController extends AbstractController
  40.     {
  41.         use ResetPasswordControllerTrait;
  43.         private ResetPasswordHelperInterface $resetPasswordHelper;
  44.         private LoggerInterface              $logger;
  45.         private MailerService                $mailerService;
  46.         private YamlReader                   $yamlReader;
  47.         private EntityManagerInterface       $em;
  48.         private PortalService                $portalService;
  49.         private EventDispatcherInterface     $dispatcher;
  50.         private TranslatorInterface    $translator;
  51.         private WorkflowUser $workflowUser;
  53.         public function __construct(
  54.                 ResetPasswordHelperInterface $resetPasswordHelper,
  55.                 LoggerInterface $logger,
  56.                 MailerService $mailerService,
  57.                 YamlReader $yamlReader,
  58.                 EntityManagerInterface $em,
  59.                 PortalService $portalService,
  60.                 EventDispatcherInterface $dispatcher,
  61.                 TranslatorInterface $translator,
  62.                 WorkflowUser $workflowUser
  63.         ) {
  64.             $this->resetPasswordHelper $resetPasswordHelper;
  65.             $this->logger              $logger;
  66.             $this->mailerService       $mailerService;
  67.             $this->yamlReader          $yamlReader;
  68.             $this->em                  $em;
  69.             $this->portalService       $portalService;
  70.             $this->dispatcher          $dispatcher;
  71.             $this->translator $translator;
  72.             $this->workflowUser $workflowUser;
  73.         }
  76.         /**
  77.          * Affiche et traite le formulaire de demande de réinitialisation du mot de passe.
  78.          *
  79.          * @Route("", name="app_forgot_password_request")
  80.          *
  81.          * @param Request $request
  82.          *
  83.          * @return Response
  84.          *
  85.          * @throws ClientExceptionInterface
  86.          * @throws RedirectionExceptionInterface
  87.          * @throws ReflectionException
  88.          * @throws ServerExceptionInterface
  89.          */
  90.         public function request(Request $request): Response
  91.         {
  92.             $form $this->createForm(ResetPasswordRequestFormType::class);
  93.             $form->handleRequest($request);
  95.             if ($form->isSubmitted() && $form->isValid()) {
  96.                 return $this->processSendingPasswordResetEmail(
  97.                         $form->get('email')->getData(),
  98.                 );
  99.             }
  102.             return $this->render('security/request.html.twig', [
  103.                     'requestForm' => $form->createView(),
  104.             ]);
  105.         }
  108.         /**
  109.          * Redirige vers la page de vérification de l'e-mail.
  110.          *
  111.          * @param string $emailFormData
  112.          *
  113.          * @return RedirectResponse
  114.          *
  115.          * @throws ReflectionException
  116.          * @throws ClientExceptionInterface
  117.          * @throws RedirectionExceptionInterface
  118.          * @throws ServerExceptionInterface
  119.          * @throws Exception
  120.          */
  121.         private function processSendingPasswordResetEmail(string $emailFormData): RedirectResponse
  122.         {
  123.             $user $this->em->getRepository(User::class)->findOneBy(
  124.                     [
  125.                             'email' => $emailFormData,
  126.                     ],
  127.             );
  130.             // Do not reveal whether a user account was found or not.
  131.             if ($user === NULL) {
  132.                 return $this->redirectToRoute('app_check_email');
  133.             }
  135.             $mailer $this->yamlReader->getMailer();
  137.             // Check les CGU
  138.             if (is_null($user->getCguAt()) && $user->getStatus() === User::STATUS_CGU_PENDING) {
  139.                 $this->workflowUser->resendCGU($user);
  141.                 $this->addFlash(
  142.                         'danger',
  143.                         $this->translator->trans(
  144.                         "cgu_pending_message %contact_email%",
  145.                             ["%contact_email%" => $mailer'contact_email' ]]
  146.                         )
  147.                 );
  149.                 return $this->redirectToRoute('app_login');
  150.             }
  152.             try {
  153.                 $resetToken $this->resetPasswordHelper->generateResetToken($user);
  154.             } catch (ResetPasswordExceptionInterface $e) {
  155.                 // If you want to tell the user why a reset email was not sent, uncomment
  156.                 // the lines below and change the redirect to 'app_forgot_password_request'.
  157.                 // Caution: This may reveal if a user is registered or not.
  159.                 $this->addFlash(
  160.                         'reset_password_error',
  161.                         'il y a eu un problème lors du traitement de votre demande de réinitialisation du mot de passe - ' $e->getReason(
  162.                         ),
  163.                 );
  165.                 return $this->redirectToRoute('app_check_email');
  166.             }
  168.             $this->mailerService->createApiMailRequest(MailTypes::RESET_PASSWORD)
  169.                                 ->addRecipientToRequest(
  170.                                         $user,
  171.                                         MailerFactory::buildResetPassword($resetToken->getToken()),
  172.                                 )
  173.                                 ->send()
  174.             ;
  176.             // Store the token object in session for retrieval in check-email route.
  177.             $this->setTokenObjectInSession($resetToken);
  179.             return $this->redirectToRoute('app_check_email');
  180.         }
  183.         /**
  184.          * Page de confirmation après qu'un utilisateur a demandé une réinitialisation du mot de passe.
  185.          *
  186.          * @Route("/check-email", name="app_check_email")
  187.          */
  188.         public function checkEmail(): Response
  189.         {
  190.             return $this->render('security/check_email.html.twig', [
  191.                     'resetToken' => $this->getTokenObjectFromSession(),
  192.             ]);
  193.         }
  196.         /**
  197.          * Valide et traite l'URL de réinitialisation que l'utilisateur a cliqué dans son e-mail.
  198.          *
  199.          * @Route("/reset/{token}", name="app_reset_password")
  200.          */
  201.         public function reset(Request $requestUserPasswordHasherInterface $passwordEncoderstring $token NULL): Response
  202.         {
  203.             if ($token) {
  204.                 // We store the token in session and remove it from the URL, to avoid the URL being
  205.                 // loaded in a browser and potentially leaking the token to 3rd party JavaScript.
  206.                 $this->storeTokenInSession($token);
  208.                 return $this->redirectToRoute('app_reset_password');
  209.             }
  211.             $token $this->getTokenFromSession();
  212.             if (NULL === $token) {
  213.                 throw $this->createNotFoundException('No reset password token found in the URL or in the session.');
  214.             }
  216.             try {
  217.                 /** @var User $user */
  218.                 $user $this->resetPasswordHelper->validateTokenAndFetchUser($token);
  219.             } catch (ResetPasswordExceptionInterface $e) {
  220.                 $this->addFlash(
  221.                         'reset_password_error',
  222.                             $this->translator->trans(
  223.                             'il y a eu un problème lors de la validation de votre demande de réinitialisation - %s %reason%',
  224.                             ['%reason%' => $e->getReason()]
  225.                         ),
  226.                 );
  228.                 return $this->redirectToRoute('app_forgot_password_request');
  229.             }
  231.             // The token is valid; allow the user to change their password.
  232.             $form $this->createForm(ChangePasswordFormType::class);
  233.             $form->handleRequest($request);
  235.             if ($form->isSubmitted() && $form->isValid()) {
  236.                 $isPortal $this->portalService->isOnPortal();
  238.                 // A password reset token should be used only once, remove it.
  239.                 $this->resetPasswordHelper->removeResetRequest($token);
  241.                 // Encode the plain password, and set it.
  242.                 $encodedPassword $passwordEncoder->hashPassword(
  243.                         $user,
  244.                         $form->get('plainPassword')->getData(),
  245.                 );
  247.                 // Si on est sur un portail (parent), on propage le nouveau mot de passe sur tous les sites enfants
  248.                 if ($isPortal && $this->portalService->isAParent()) {
  249.                     $user->setPlainPassword($form->get('plainPassword')->getData());
  250.                     $portalUserEvent = new PortalUserEvent($user);
  251.                     $this->dispatcher->dispatch($portalUserEvent$portalUserEvent::NAME);
  252.                 }
  254.                 $user->setPassword($encodedPassword);
  255.                 $user->setFailedAttempts(0);
  256.                 $user->setLastFailedAttempt(null);
  257.                 $this->em->flush();
  259.                 // The session is cleaned up after the password has been changed.
  260.                 $this->cleanSessionAfterReset();
  262.                 $this->addFlash(
  263.                         'success',
  264.                         $this->translator->trans('votre nouveau mot de passe a bien été enregistré !')
  265.                 );
  267.                 return $this->redirectToRoute('app_login');
  268.             }
  270.             return $this->render('security/reset.html.twig', [
  271.                     'resetForm' => $form->createView(),
  272.             ]);
  273.         }
  276.         /**
  277.          * Indique si on doit mettre à jour le mot de passe de l'utilisateur
  278.          *
  279.          * @Route("/{id}", name="app_need_refresh_password")
  280.          *
  281.          *
  282.          * @param User $user
  283.          *
  284.          * @return Response
  285.          *
  286.          * @throws ClientExceptionInterface
  287.          * @throws RedirectionExceptionInterface
  288.          * @throws ReflectionException
  289.          * @throws ServerExceptionInterface
  290.          * @throws Exception
  291.          * @throws Exception
  292.          */
  293.         public function needRefreshPassword(User $user): Response
  294.         {
  295.             try {
  296.                 $resetToken $this->resetPasswordHelper->generateResetToken($user);
  297.             } catch (ResetPasswordExceptionInterface $e) {
  298.                 return $this->render('security/need_refresh_password.html.twig');
  299.             }
  301.             $this->mailerService->createApiMailRequest(MailTypes::RESET_PASSWORD)
  302.                                 ->addRecipientToRequest(
  303.                                         $user,
  304.                                         MailerFactory::buildResetPassword(
  305.                                                 $resetToken->getToken(),
  306.                                         ),
  307.                                 )
  308.                                 ->send()
  309.             ;
  311.             // Store the token object in session for retrieval in check-email route.
  312.             $this->setTokenObjectInSession($resetToken);
  314.             return $this->render('security/need_refresh_password.html.twig', [
  315.                     'resetToken' => $resetToken,
  316.             ]);
  317.         }
  318.     }