| <?php
namespace App\Controller;
use App\Entity\PasswordReset;
use App\Entity\PasswordUpdate;
use App\Entity\User;
use App\Form\PasswordResetType;
use App\Form\PasswordUpdateType;
use Doctrine\Common\Persistence\ObjectManager;
use Exception;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use Swift_Mailer;
use App\Form\MailResetType;
use App\Service\MailerService;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Form\FormError;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
class PasswordController extends AbstractController
{
/**
 * Build a random, URL-safe token.
 *
 * Draws 32 bytes from random_bytes(), Base64-encodes them, swaps '+' and '/'
 * for '-' and '_', and strips the trailing '=' padding.
 *
 * @return string
 * @throws Exception when random_bytes() cannot obtain randomness
 */
private function generateToken()
{
    $rawBytes = random_bytes(32);
    $encoded = base64_encode($rawBytes);
    // Same substitution as strtr($encoded, '+/', '-_'), written as a map.
    $urlSafe = strtr($encoded, ['+' => '-', '/' => '_']);

    return rtrim($urlSafe, '=');
}
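/**
 * Handle the "forgot password" form: store a reset token on the matching
 * account and e-mail it to that account's address.
 *
 * The visitor gets the same flash message and the same redirect whether or
 * not the submitted address belongs to an account, so the form cannot be used
 * to find out which e-mail addresses are registered.
 *
 * @Route ("/mail-password-reset", name="mail_password_reset")
 * @param Request $request
 * @param MailerService $mailerService
 * @param Swift_Mailer $mailer
 * @return RedirectResponse|Response
 * @throws Exception
 */
public function sendMailPasswordReset(Request $request, MailerService $mailerService,
    \Swift_Mailer $mailer)
{
    $formMailReset = $this->createForm(MailResetType::class);
    $formMailReset->handleRequest($request);

    if ($formMailReset->isSubmitted() && $formMailReset->isValid()) {
        $manager = $this->getDoctrine()->getManager();
        $email = $formMailReset->get('email')->getData();
        $user = $manager->getRepository(User::class)->findOneBy(['email' => $email]);

        // The lookup result is checked BEFORE it is used. The previous code
        // called setToken() first, so an unknown address ended in a fatal
        // error on null instead of a normal response.
        if ($user !== null) {
            // 16 bytes from the CSPRNG, converted from binary to hexadecimal.
            $user->setToken(bin2hex(random_bytes(16)));
            $manager->persist($user);
            $manager->flush();

            // NOTE(review): only the token value is stored here; no issue
            // time is recorded in this method, so nothing visible in this
            // controller lets the token expire. Confirm whether the User
            // entity or the reset route enforces a lifetime.
            $mailerService->sendToken(
                $user->getToken(),
                $user->getEmail(),
                $user->getUsername(),
                'MailtoResetPassword.html.twig'
            );
        }

        // Identical outcome for known and unknown addresses (see docblock).
        $this->addFlash('success',
            'Un email vient de vous etre envoyé pour la réinitialisation du mot de passe');

        return $this->redirectToRoute('home');
    }

    return $this->render('security/mailPasswordReset.html.twig', [
        'formMailReset' => $formMailReset->createView()
    ]);
}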
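/**
 * Let the holder of a valid reset token choose a new password.
 *
 * GET renders the form. POST looks the account up by the token from the URL,
 * stores the newly encoded password and clears the token so the same link
 * cannot be used a second time. Previously both of those steps were commented
 * out, so the route reported success without changing anything and the token
 * stayed valid.
 *
 * @Route("/reset_password/{token}", name="security_password_reset")
 * @param Request $request
 * @param string $token
 * @param UserPasswordEncoderInterface $passwordEncoder
 * @return RedirectResponse|Response
 */
public function resetPassword(Request $request, string $token, UserPasswordEncoderInterface $passwordEncoder)
{
    $passwordReset = new PasswordReset();
    $formPasswordReset = $this->createForm(PasswordResetType::class, $passwordReset);
    $formPasswordReset->handleRequest($request);

    $renderForm = function () use ($token, $formPasswordReset) {
        return $this->render('security/resetPassword.html.twig', [
            'token' => $token,
            'formPasswordReset' => $formPasswordReset->createView()
        ]);
    };

    if (!$request->isMethod('POST')) {
        return $renderForm();
    }

    $entityManager = $this->getDoctrine()->getManager();
    /* @var $user User */
    $user = $entityManager->getRepository(User::class)->findOneByToken($token);
    if ($user === null) {
        $this->addFlash('danger', 'Token Inconnu');
        return $this->redirectToRoute('home');
    }

    // If the Symfony form was bound to this request, its validation result
    // must be honoured before any password is written.
    $formRejected = $formPasswordReset->isSubmitted() && !$formPasswordReset->isValid();

    // NOTE(review): the field name 'password' is the one the previously
    // commented-out line read from the request. If the template submits the
    // value through PasswordResetType instead, read it from the bound
    // PasswordReset object — confirm against the template and form type.
    $plainPassword = $request->request->get('password');

    if ($formRejected || !is_string($plainPassword) || $plainPassword === '') {
        // Never encode an empty or missing value as the new password.
        $this->addFlash('danger', 'Mot de passe invalide');
        return $renderForm();
    }

    $user->setPassword($passwordEncoder->encodePassword($user, $plainPassword));
    // Single use: drop the token as soon as it has been spent.
    // Assumes User::setToken() accepts null, as the original commented-out
    // line did — TODO confirm.
    $user->setToken(null);
    $entityManager->flush();

    $this->addFlash('success', 'Mot de passe mis à jour');
    return $this->redirectToRoute('security_login');
}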
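/**
 * Let a logged-in user change their password.
 *
 * The current password is checked through the same encoder service that
 * produces the new hash, the new hash is saved, and a confirmation e-mail is
 * sent.
 *
 * @Route("/password-update",name="security_password_update")
 * @Security("is_granted('ROLE_USER')")
 * @param Request $request
 * @param UserPasswordEncoderInterface $encoder
 * @param ObjectManager $manager
 * @param MailerService $mailerService
 * @param Swift_Mailer $mailer
 * @return Response
 */
public function UpdatePassword(Request $request, UserPasswordEncoderInterface $encoder, ObjectManager $manager,
    MailerService $mailerService, Swift_Mailer $mailer)
{
    $passwordUpdate = new PasswordUpdate();
    $user = $this->getUser();
    $formPassword = $this->createForm(PasswordUpdateType::class, $passwordUpdate);
    $formPassword->handleRequest($request);

    if ($formPassword->isSubmitted() && $formPassword->isValid()) {
        // Check the old password against the stored hash. This goes through
        // the configured encoder rather than a bare password_verify(), so the
        // check always matches the algorithm used by encodePassword() below.
        if (!$encoder->isPasswordValid($user, $passwordUpdate->getOldPassword())) {
            // Report the mismatch on the field itself. The message is kept on
            // one line; it previously contained a raw line break.
            $formPassword->get('oldPassword')->addError(
                new FormError("Le mot de passe fourni n'est pas le bon mot de passe")
            );
        } else {
            $hash = $encoder->encodePassword($user, $passwordUpdate->getNewPassword());
            $user->setPassword($hash);
            $manager->persist($user);
            $manager->flush();

            $email = $user->getEmail();
            $username = $user->getUsername();
            $template = 'confirmPasswordChange.html.twig';
            // NOTE(review): the first argument here is the Swift_Mailer,
            // while sendMailPasswordReset() passes a token string in the same
            // position — verify against MailerService::sendToken()'s signature.
            $mailerService->sendToken($mailer, $email, $username, $template);

            $this->addFlash(
                'success',
                'Votre mot de passe a bien été modifié! Un email de confirmation vient de vous être envoyé.'
            );
            return $this->redirectToRoute('security_login');
        }
    }

    return $this->render('security/password.html.twig', [
        'formPassword' => $formPassword->createView()
    ]);
}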
} |