src/Controller/ResetPasswordController.php line 35
<?phpnamespace App\Controller;use App\Entity\User;use Doctrine\ORM\EntityManagerInterface;use Symfony\Bridge\Twig\Mime\TemplatedEmail;use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;use Symfony\Component\HttpFoundation\RedirectResponse;use Symfony\Component\HttpFoundation\Request;use Symfony\Component\HttpFoundation\Response;use Symfony\Component\Mailer\MailerInterface;use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;use Symfony\Component\Routing\Annotation\Route;use Symfony\Contracts\Translation\TranslatorInterface;use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;#[Route('/reset-password')]class ResetPasswordController extends AbstractController{use ResetPasswordControllerTrait;public function __construct(private ResetPasswordHelperInterface $resetPasswordHelper,private EntityManagerInterface $em,private MailerInterface $mailer) {}/*** Display & process form to request a password reset.*/#[Route('', name: 'app_forgot_password_request')]public function request(Request $request, MailerInterface $mailer, TranslatorInterface $translator): Response{// $form = $this->createForm(ResetPasswordRequestFormType::class);// $form->handleRequest($request);if ($request->isMethod('POST')) {$user = $this->em->getRepository(User::class)->findOneBy(["email"=>$request->request->get('email')]);if (!$user) {$this->addFlash('error_login', $translator->trans("Votre adresse email est incorrecte"));return $this->redirectToRoute('app_forgot_password_request');}// Sinon si l'utilisateur existe et que son statut est 2, retourne une exceptionelseif ($user->getStatus() == 4 ) {$this->addFlash('error_login', $translator->trans("Votre compte est temporairement désactivé. Veuillez contacter le support pour plus d'information"));return $this->redirectToRoute('app_forgot_password_request');}elseif ($user->isVerified() != true ) {$this->addFlash('error_login', $translator->trans("Veuillez valider votre email d'abord et réessayer."));return $this->redirectToRoute('app_forgot_password_request');}elsereturn $this->processSendingPasswordResetEmail($request->request->get('email'),$mailer,$translator);}return $this->render('reset_password/request.html.twig');}/*** Confirmation page after a user has requested a password reset.*/#[Route('/check-email', name: 'app_check_email')]public function checkEmail(): Response{// Generate a fake token if the user does not exist or someone hit this page directly.// This prevents exposing whether or not a user was found with the given email address or notif (null === ($resetToken = $this->getTokenObjectFromSession())) {$resetToken = $this->resetPasswordHelper->generateFakeResetToken();}return $this->render('reset_password/check_email.html.twig', ['resetToken' => $resetToken,]);}/*** Validates and process the reset URL that the user clicked in their email.*/#[Route('/reset/{token}', name: 'app_reset_password')]public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, TranslatorInterface $translator, string $token = null): Response{if ($token) {// We store the token in session and remove it from the URL, to avoid the URL being// loaded in a browser and potentially leaking the token to 3rd party JavaScript.$this->storeTokenInSession($token);return $this->redirectToRoute('app_reset_password');}$token = $this->getTokenFromSession();if (null === $token) {$this->addFlash('error_login', $translator->trans("Aucun jeton de réinitialisation du mot de passe n'a été trouvé dans l'URL ou dans la session."));// throw $this->createNotFoundException('No reset password token found in the URL or in the session.');return $this->redirectToRoute('app_forgot_password_request');}try {$user = $this->resetPasswordHelper->validateTokenAndFetchUser($token);} catch (ResetPasswordExceptionInterface $e) {$this->addFlash('error_login', sprintf('%s - %s',$translator->trans(ResetPasswordExceptionInterface::MESSAGE_PROBLEM_VALIDATE, [], 'ResetPasswordBundle'),$translator->trans($e->getReason(), [], 'ResetPasswordBundle')));return $this->redirectToRoute('app_forgot_password_request');}// The token is valid; allow the user to change their password.if ($request->isMethod('POST') && $request->request->get('valid') == 100) {// A password reset token should be used only once, remove it.// $this->resetPasswordHelper->removeResetRequest($token);// Encode(hash) the plain password, and set it.$encodedPassword = $passwordHasher->hashPassword($user,$request->request->get('password'));$user->setPassword($encodedPassword);$user->setIsVerified(true);$this->em->persist($user);$this->em->flush();// The session is cleaned up after the password has been changed.// $this->cleanSessionAfterReset();try {$email = (new TemplatedEmail())->to($user->getEmail())->subject($translator->trans("Confirmation de la réinitialisation de votre mot de passe sur FILMAFRIK"))->htmlTemplate('reset_password/email.html.twig')->context(["title" => $translator->trans("Cher/Chère")." ".$user->getFirstname()." ".$user->getLastname().", ",'text' => $translator->trans("Nous vous confirmons que votre mot de passe sur FILMAFRIK a bien été réinitialisé avec succès. Vous pouvez maintenant accéder à votre compte en utilisant votre nouveau mot de passe.Si vous n'avez pas récemment demandé la réinitialisation de votre mot de passe, veuillez contacter notre équipe d'assistance immédiatement afin que nous puissions prendre les mesures nécessaires."),]);$this->mailer->send($email);} catch (\Throwable $th) {//throw $th;}$this->addFlash('success', $translator->trans("Votre mot de passe a été réinitialisé avec succès, vous pouvez vous connecter."));return $this->redirectToRoute('app_login');}return $this->render('reset_password/reset.html.twig');}private function processSendingPasswordResetEmail(string $emailFormData, MailerInterface $mailer, TranslatorInterface $translator): RedirectResponse{$user = $this->em->getRepository(User::class)->findOneBy(['email' => $emailFormData,]);// Do not reveal whether a user account was found or not.if (!$user) {return $this->redirectToRoute('app_check_email');}try {$resetToken = $this->resetPasswordHelper->generateResetToken($user);} catch (ResetPasswordExceptionInterface $e) {// If you want to tell the user why a reset email was not sent, uncomment// the lines below and change the redirect to 'app_forgot_password_request'.// Caution: This may reveal if a user is registered or not.//// $this->addFlash('reset_password_error', sprintf(// '%s - %s',// $translator->trans(ResetPasswordExceptionInterface::MESSAGE_PROBLEM_HANDLE, [], 'ResetPasswordBundle'),// $translator->trans($e->getReason(), [], 'ResetPasswordBundle')// ));return $this->redirectToRoute('app_check_email');}try {$email = (new TemplatedEmail())->to($user->getEmail())->subject($translator->trans("Réinitialisation du mot de passe"))->htmlTemplate('reset_password/email.html.twig')->context(["title" => $translator->trans("Cher/Chère")." ".$user->getFirstname()." ".$user->getLastname().", ",'resetToken' => $resetToken,'text' => $translator->trans("Nous avons bien reçu votre demande de réinitialisation de votre mot de passe sur FILMAFRIK. Pour procéder à la réinitialisation, veuillez cliquer sur le bouton ci-dessous :"),'textBtn' => $translator->trans('Réinitialiser'),'expireText' => $translator->trans("Ce lien expirera dans ")]);$mailer->send($email);} catch (\Throwable $th) {//throw $th;}// Store the token object in session for retrieval in check-email route.$this->setTokenObjectInSession($resetToken);return $this->redirectToRoute('app_check_email');}}