vendor/ibexa/user/src/bundle/Controller/PasswordResetController.php line 83

Open in your IDE?
  1. <?php
  3. /**
  4. * @copyright Copyright (C) Ibexa AS. All rights reserved.
  5. * @license For full copyright and license information view LICENSE file distributed with this source code.
  6. */
  7. declare(strict_types=1);
  9. namespace Ibexa\Bundle\User\Controller;
  11. use DateInterval;
  12. use DateTime;
  13. use Ibexa\Bundle\User\Type\UserForgotPasswordReason;
  14. use Ibexa\Contracts\Core\Repository\Exceptions\NotFoundException;
  15. use Ibexa\Contracts\Core\Repository\PermissionResolver;
  16. use Ibexa\Contracts\Core\Repository\UserService;
  17. use Ibexa\Contracts\Core\Repository\Values\User\User;
  18. use Ibexa\Contracts\Core\Repository\Values\User\UserTokenUpdateStruct;
  19. use Ibexa\Contracts\Core\SiteAccess\ConfigResolverInterface;
  20. use Ibexa\Contracts\Notifications\Service\NotificationServiceInterface;
  21. use Ibexa\Contracts\Notifications\Value\Notification\SymfonyNotificationAdapter;
  22. use Ibexa\Contracts\Notifications\Value\Recipent\SymfonyRecipientAdapter;
  23. use Ibexa\Contracts\Notifications\Value\Recipent\UserRecipient;
  24. use Ibexa\Contracts\User\Notification\UserPasswordReset;
  25. use Ibexa\User\ExceptionHandler\ActionResultHandler;
  26. use Ibexa\User\Form\Data\UserPasswordResetData;
  27. use Ibexa\User\Form\Factory\FormFactory;
  28. use Ibexa\User\View\ForgotPassword\FormView;
  29. use Ibexa\User\View\ForgotPassword\LoginView;
  30. use Ibexa\User\View\ForgotPassword\SuccessView;
  31. use Ibexa\User\View\ResetPassword\FormView as UserResetPasswordFormView;
  32. use Ibexa\User\View\ResetPassword\InvalidLinkView;
  33. use Ibexa\User\View\ResetPassword\SuccessView as UserResetPasswordSuccessView;
  34. use Swift_Mailer;
  35. use Swift_Message;
  36. use Symfony\Component\HttpFoundation\Request;
  37. use Symfony\Component\HttpFoundation\Response;
  38. use Twig\Environment;
  40. class PasswordResetController extends Controller
  41. {
  42. private FormFactory $formFactory;
  44. private UserService $userService;
  46. private Swift_Mailer $mailer;
  48. private Environment $twig;
  50. private ActionResultHandler $actionResultHandler;
  52. private PermissionResolver $permissionResolver;
  54. private ConfigResolverInterface $configResolver;
  56. private NotificationServiceInterface $notificationService;
  58. public function __construct(
  59. FormFactory $formFactory,
  60. UserService $userService,
  61. Swift_Mailer $mailer,
  62. Environment $twig,
  63. ActionResultHandler $actionResultHandler,
  64. PermissionResolver $permissionResolver,
  65. ConfigResolverInterface $configResolver,
  66. NotificationServiceInterface $notificationService
  67. ) {
  68. $this->formFactory = $formFactory;
  69. $this->userService = $userService;
  70. $this->mailer = $mailer;
  71. $this->twig = $twig;
  72. $this->actionResultHandler = $actionResultHandler;
  73. $this->permissionResolver = $permissionResolver;
  74. $this->configResolver = $configResolver;
  75. $this->notificationService = $notificationService;
  76. }
  78. /**
  79. * @return \Ibexa\User\View\ForgotPassword\FormView|\Ibexa\User\View\ForgotPassword\SuccessView|\Symfony\Component\HttpFoundation\RedirectResponse
  80. *
  81. * @throws \Ibexa\Core\Base\Exceptions\InvalidArgumentType
  82. */
  83. public function userForgotPasswordAction(Request $request, ?string $reason = null)
  84. {
  85. $form = $this->formFactory->forgotUserPassword();
  86. $form->handleRequest($request);
  88. if ($form->isSubmitted() && $form->isValid()) {
  89. $data = $form->getData();
  90. $users = $this->userService->loadUsersByEmail($data->getEmail());
  92. /** Because is is possible to have multiple user accounts with same email address we must gain a user login. */
  93. if (\count($users) > 1) {
  94. return $this->redirectToRoute('ibexa.user.forgot_password.login');
  95. }
  97. if (!empty($users)) {
  98. $user = reset($users);
  99. $token = $this->updateUserToken($user);
  101. $this->sendResetPasswordMessage($user, $token);
  102. }
  104. return new SuccessView(null);
  105. }
  107. return new FormView(null, [
  108. 'form_forgot_user_password' => $form->createView(),
  109. 'reason' => $reason,
  110. 'userForgotPasswordReasonMigration' => UserForgotPasswordReason::MIGRATION,
  111. ]);
  112. }
  114. /**
  115. * @param \Symfony\Component\HttpFoundation\Request $request
  116. *
  117. * @return \Ibexa\User\View\ForgotPassword\LoginView|\Ibexa\User\View\ForgotPassword\SuccessView
  118. *
  119. * @throws \Ibexa\Core\Base\Exceptions\InvalidArgumentType
  120. */
  121. public function userForgotPasswordLoginAction(Request $request)
  122. {
  123. $form = $this->formFactory->forgotUserPasswordWithLogin();
  125. $form->handleRequest($request);
  127. if ($form->isSubmitted() && $form->isValid()) {
  128. $data = $form->getData();
  130. try {
  131. $user = $this->userService->loadUserByLogin($data->getLogin());
  132. } catch (NotFoundException $e) {
  133. $user = null;
  134. }
  136. if (!$user || \count($this->userService->loadUsersByEmail($user->email)) < 2) {
  137. return new SuccessView(null);
  138. }
  140. $token = $this->updateUserToken($user);
  141. $this->sendResetPasswordMessage($user, $token);
  143. return new SuccessView(null);
  144. }
  146. return new LoginView(null, [
  147. 'form_forgot_user_password_with_login' => $form->createView(),
  148. ]);
  149. }
  151. /**
  152. * @param \Symfony\Component\HttpFoundation\Request $request
  153. * @param string $hashKey
  154. *
  155. * @return \Ibexa\User\View\ResetPassword\FormView|\Ibexa\User\View\ResetPassword\InvalidLinkView|\Ibexa\User\View\ResetPassword\SuccessView
  156. *
  157. * @throws \Ibexa\Core\Base\Exceptions\InvalidArgumentType
  158. */
  159. public function userResetPasswordAction(Request $request, string $hashKey)
  160. {
  161. $response = new Response();
  162. $response->headers->set('X-Robots-Tag', 'noindex');
  164. try {
  165. $user = $this->userService->loadUserByToken($hashKey);
  166. } catch (NotFoundException $e) {
  167. $view = new InvalidLinkView(null);
  168. $view->setResponse($response);
  170. return $view;
  171. }
  172. $userPasswordResetData = new UserPasswordResetData();
  173. $form = $this->formFactory->resetUserPassword(
  174. $userPasswordResetData,
  175. null,
  176. $user->getContentType(),
  177. $user
  178. );
  179. $form->handleRequest($request);
  181. if ($form->isSubmitted() && $form->isValid()) {
  182. try {
  183. $currentUser = $this->permissionResolver->getCurrentUserReference();
  184. $this->permissionResolver->setCurrentUserReference($user);
  185. } catch (NotFoundException $e) {
  186. $view = new InvalidLinkView(null);
  187. $view->setResponse($response);
  189. return $view;
  190. }
  192. $data = $form->getData();
  194. try {
  195. $this->userService->updateUserPassword($user, $data->getNewPassword());
  196. $this->userService->expireUserToken($hashKey);
  197. $this->permissionResolver->setCurrentUserReference($currentUser);
  199. $view = new UserResetPasswordSuccessView(null);
  200. $view->setResponse($response);
  202. return $view;
  203. } catch (\Exception $e) {
  204. $this->actionResultHandler->error($e->getMessage());
  205. }
  206. }
  208. $view = new UserResetPasswordFormView(null, [
  209. 'form_reset_user_password' => $form->createView(),
  210. ]);
  211. $view->setResponse($response);
  213. return $view;
  214. }
  216. /**
  217. * @param \Ibexa\Contracts\Core\Repository\Values\User\User $user
  218. *
  219. * @return string
  220. *
  221. * @throws \Exception
  222. */
  223. private function updateUserToken(User $user): string
  224. {
  225. $struct = new UserTokenUpdateStruct();
  226. $struct->hashKey = bin2hex(random_bytes(16));
  227. $date = new DateTime();
  228. $date->add(new DateInterval($this->configResolver->getParameter('security.token_interval_spec')));
  229. $struct->time = $date;
  230. $this->userService->updateUserToken($user, $struct);
  232. return $struct->hashKey;
  233. }
  235. private function sendResetPasswordMessage(User $user, string $hashKey): void
  236. {
  237. if ($this->isNotifierConfigured()) {
  238. $this->sendNotification($user, $hashKey);
  240. return;
  241. }
  243. // Swiftmailer delivery has to be kept to maintain backwards compatibility
  244. $template = $this->twig->load($this->configResolver->getParameter('user_forgot_password.templates.mail'));
  246. $senderAddress = $this->configResolver->hasParameter('sender_address', 'swiftmailer.mailer')
  247. ? $this->configResolver->getParameter('sender_address', 'swiftmailer.mailer')
  248. : '';
  250. $subject = $template->renderBlock('subject', []);
  251. $from = $template->renderBlock('from', []) ?: $senderAddress;
  252. $body = $template->renderBlock('body', ['hash_key' => $hashKey]);
  254. $message = (new Swift_Message())
  255. ->setSubject($subject)
  256. ->setTo($user->email)
  257. ->setBody($body, 'text/html');
  259. if (empty($from) === false) {
  260. $message->setFrom($from);
  261. }
  263. $this->mailer->send($message);
  264. }
  266. private function sendNotification($user, string $token): void
  267. {
  268. $this->notificationService->send(
  269. new SymfonyNotificationAdapter(
  270. new UserPasswordReset($user, $token),
  271. ),
  272. [new SymfonyRecipientAdapter(new UserRecipient($user))],
  273. );
  274. }
  276. private function isNotifierConfigured(): bool
  277. {
  278. $subscriptions = $this->configResolver->getParameter('notifications.subscriptions');
  280. return array_key_exists(UserPasswordReset::class, $subscriptions)
  281. && !empty($subscriptions[UserPasswordReset::class]['channels']);
  282. }
  283. }
  285. class_alias(PasswordResetController::class, 'EzSystems\EzPlatformUserBundle\Controller\PasswordResetController');