src/Controller/ResetPasswordController.php line 42

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Form\ForgotPasswordType;
  6. use App\Form\ResetPasswordType;
  7. use App\Repository\UserRepository;
  8. use App\Service\ResetPasswordService;
  9. use App\Service\UserNotificationService;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  15. use Symfony\Component\Routing\Annotation\Route;
  17. class ResetPasswordController extends AbstractController
  18. {
  19.     private $entityManager;
  20.     private $userRepository;
  21.     private $resetPasswordService;
  22.     private $notificationService;
  23.     private $passwordHasher;
  25.     public function __construct(
  26.         EntityManagerInterface $entityManager,
  27.         UserRepository $userRepository,
  28.         ResetPasswordService $resetPasswordService,
  29.         UserNotificationService $notificationService,
  30.         UserPasswordHasherInterface $passwordHasher
  31.     ) {
  32.         $this->entityManager $entityManager;
  33.         $this->userRepository $userRepository;
  34.         $this->resetPasswordService $resetPasswordService;
  35.         $this->notificationService $notificationService;
  36.         $this->passwordHasher $passwordHasher;
  37.     }
  39.     /**
  40.      * @Route("/forgot-password", name="app_forgot_password")
  41.      */
  42.     public function request(Request $request): Response
  43.     {
  44.         if ($this->getUser()) {
  45.             return $this->redirectToRoute('app_dashboard');
  46.         }
  48.         $form $this->createForm(ForgotPasswordType::class);
  49.         $form->handleRequest($request);
  51.         if ($form->isSubmitted() && $form->isValid()) {
  52.             $email $form->get('email')->getData();
  53.             $user $this->userRepository->findByEmail($email);
  55.             if ($user && $user->getIsActive()) {
  56.                 // Créer le token de réinitialisation
  57.                 $resetToken $this->resetPasswordService->createResetToken($user);
  59.                 // Envoyer l'email
  60.                 $this->notificationService->sendResetPasswordEmail($user$resetToken->getToken());
  61.             }
  63.             // Toujours rediriger vers la page de confirmation pour éviter l'énumération des utilisateurs
  64.             return $this->render('security/forgot_password_check_email.html.twig');
  65.         }
  67.         return $this->render('security/forgot_password.html.twig', [
  68.             'form' => $form->createView(),
  69.         ]);
  70.     }
  72.     /**
  73.      * @Route("/reset-password/{token}", name="app_reset_password")
  74.      */
  75.     public function reset(string $tokenRequest $request): Response
  76.     {
  77.         if ($this->getUser()) {
  78.             return $this->redirectToRoute('app_dashboard');
  79.         }
  81.         $resetToken $this->resetPasswordService->validateToken($token);
  83.         if (!$resetToken) {
  84.             $this->addFlash('error''Ce lien de réinitialisation est invalide ou a expiré. Veuillez faire une nouvelle demande.');
  85.             return $this->redirectToRoute('app_forgot_password');
  86.         }
  88.         $form $this->createForm(ResetPasswordType::class);
  89.         $form->handleRequest($request);
  91.         if ($form->isSubmitted() && $form->isValid()) {
  92.             $newPassword $form->get('newPassword')->getData();
  93.             $user $resetToken->getUser();
  95.             // Hasher et enregistrer le nouveau mot de passe
  96.             $hashedPassword $this->passwordHasher->hashPassword($user$newPassword);
  97.             $user->setPassword($hashedPassword);
  98.             $user->setMustChangePassword(false);
  100.             // Marquer le token comme utilisé
  101.             $this->resetPasswordService->markTokenAsUsed($resetToken);
  103.             $this->entityManager->flush();
  105.             // Envoyer un email de confirmation
  106.             $this->notificationService->sendPasswordChangedNotification($user);
  108.             $this->addFlash('success''Votre mot de passe a été réinitialisé avec succès ! Vous pouvez maintenant vous connecter.');
  110.             return $this->redirectToRoute('app_login');
  111.         }
  113.         return $this->render('security/reset_password.html.twig', [
  114.             'form' => $form->createView(),
  115.             'token' => $token,
  116.         ]);
  117.     }
  118. }