<?php
/**
* Created by PhpStorm.
* User: mint
* Date: 11/11/19
* Time: 08:01
*/
namespace App\Controller;
use App\Entity\ResetPassword;
use App\Form\ForgotPasswordType;
use App\Form\PasswordUserUpdateType;
use App\Notification\EmailNotification;
use App\Repository\ResetPasswordRepository;
use App\Repository\UserRepository;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
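/**
 * Self-service password reset: issues a one-hour reset token by email and
 * lets the holder of that token choose a new password.
 */
class ForgetPasswordController extends AbstractController
{
    /**
     * Shows the "forgot password" form and, on a valid submission, stores a
     * reset token valid for one hour and emails the reset link.
     *
     * @Route("/forgot", name="forgot_password")
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function forgotPasswordRequest(Request $request, EmailNotification $emailNotification, EntityManagerInterface $em, UserRepository $userRepository)
    {
        $resetPassword = new ResetPassword();
        $form = $this->createForm(ForgotPasswordType::class, $resetPassword);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $email = $form->getData()->getEmail();
            $user = $userRepository->findOneBy([
                'email' => $email,
            ]);

            if (!$user) {
                // NOTE(review): this message differs from the success message below, so the
                // form reveals whether an address has an account. Consider showing the same
                // neutral message in both branches and rate-limiting this endpoint.
                $this->addFlash('error', 'Aucun utilisateur inscrit avec cette adresse email');

                return $this->redirectToRoute('forgot_password');
            }

            // Record the request in the ResetPassword table, then send the email.
            $lang = $user->getLanguage();
            $now = new \DateTimeImmutable();
            $expireAt = $now->add(new \DateInterval("PT1H"));
            $token = $this->generateToken();

            $resetPassword->setEmail($email)
                ->setCreateAt($now)
                ->setToken($token)
                ->setEndAt($expireAt)
            ;
            $em->persist($resetPassword);
            $em->flush();

            $emailNotification->forgotPasswordLink($email, $token, $lang);
            $this->addFlash('success', 'Un email vous a été envoyé pour modifier votre mot de passe, merci de le consulter rapidement, le lien est valable UNE heure seulement');

            return $this->redirectToRoute('forgot_password');
        }

        return $this->render('pages/forgot.html.twig', [
            'form' => $form->createView(),
        ]);
    }

    /**
     * Handles the link sent by email: checks the token, then shows and
     * processes the new-password form.
     *
     * The account whose password is changed is the one the token was issued
     * for (the email stored on the ResetPassword row). The {email} path
     * segment is caller-controlled and is deliberately not used to select the
     * account: looking the user up by it would let the holder of any valid
     * token change the password of any other account by editing the URL.
     *
     * @Route("/reset/{email}/{token}", name="reset_password_from_email")
     *
     * @param string $email Email segment of the link; untrusted, kept for route compatibility only
     * @param string $token Reset token from the link
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function forgotPasswordResponseToTheLink($email, $token, Request $request, UserRepository $userRepository, ResetPasswordRepository $resetPasswordRepository, UserPasswordEncoderInterface $passwordEncoder,EntityManagerInterface $em, EmailNotification $emailNotification)
    {
        $existingToken = $resetPasswordRepository->findOneBy([
            'token' => $token,
        ]);
        $now = new \DateTimeImmutable();

        $user = null;
        $accountEmail = null;
        if ($existingToken && $existingToken->getEndAt() > $now) {
            // Resolve the account from the token record, never from the URL.
            $accountEmail = $existingToken->getEmail();
            $user = $userRepository->findOneBy([
                'email' => $accountEmail,
            ]);
        }

        if ($user) {
            // Change the password here.
            $form = $this->createForm(PasswordUserUpdateType::class, $user);
            $form->handleRequest($request);

            if ($form->isSubmitted() && $form->isValid()) {
                $newPassword = $form->getData()->getPassword();
                $user->setPassword($passwordEncoder->encodePassword($user, $newPassword));

                $em->persist($user);
                // The token is single-use: delete it in the same flush as the password change.
                $em->remove($existingToken);
                $em->flush();

                $emailNotification->forgotPasswordOk($accountEmail, $user->getLanguage());
                $this->addFlash('success', 'Votre mot de passe a bien été modifié, vous pouvez vous connecter');

                return $this->redirectToRoute('app_login');
            }

            return $this->render('pages/reset.html.twig', [
                'form' => $form->createView(),
            ]);
        }

        // Unknown token, expired token, or a token whose account no longer exists:
        // drop the stale row if there is one and send the visitor back to the request form.
        if ($existingToken) {
            $em->remove($existingToken);
            $em->flush();
        }
        $this->addFlash('error', 'Cette demande a expiré ou n\'existe pas, veuillez en refaire la demande');

        return $this->redirectToRoute('forgot_password');
    }

    /**
     * Generates a reset token: 16 bytes from the CSPRNG, hex-encoded.
     *
     * random_bytes() is used rather than openssl_random_pseudo_bytes() because
     * it throws when no secure entropy source is available instead of
     * returning false or weak output, so a token is never silently degraded.
     *
     * @return string 32 lowercase hexadecimal characters
     *
     * @throws \Exception if no source of secure randomness is available
     */
    public function generateToken()
    {
        return bin2hex(random_bytes(16));
    }
}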