src/Controller/ForgotPasswordController.php line 18

  1. <?php
  2. namespace App\Controller;
  3. use App\Repository\UserRepository;
  4. use Doctrine\ORM\EntityManagerInterface;
  5. use Symfony\Bridge\Twig\Mime\TemplatedEmail;
  6. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\Mailer\MailerInterface;
  10. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  11. use Symfony\Component\Routing\Annotation\Route;
  12. class ForgotPasswordController extends AbstractController
  13. {
  14.     #[Route('/forgot-password'name'app_forgot_password')]
  15.     public function request(Request $requestUserRepository $userRepositoryEntityManagerInterface $emMailerInterface $mailer): Response
  16.     {
  17.         $sent false;
  18.         $error null;
  19.         if ($request->isMethod('POST')) {
  20.             $email trim($request->request->get('email'''));
  21.             $user $userRepository->findOneBy(['email' => $email]);
  22.             if ($user) {
  23.                 $token bin2hex(random_bytes(32));
  24.                 $user->setResetToken($token);
  25.                 $user->setResetTokenExpiresAt(new \DateTimeImmutable('+1 hour'));
  26.                 $em->flush();
  27.                 $resetUrl $this->generateUrl('app_reset_password', ['token' => $token], \Symfony\Component\Routing\Generator\UrlGeneratorInterface::ABSOLUTE_URL);
  28.                 $mail = (new TemplatedEmail())
  29.                     ->from('info@b2bnaturamedicatrix.com')
  30.                     ->to($user->getEmail())
  31.                     ->subject('Réinitialisation de votre mot de passe')
  32.                     ->htmlTemplate('emails/forgot_password.html.twig')
  33.                     ->context([
  34.                         'reset_url' => $resetUrl,
  35.                         'user' => $user,
  36.                     ]);
  37.                 $mailer->send($mail);
  38.             }
  39.             // Toujours afficher le même message pour ne pas révéler si l'email existe
  40.             $sent true;
  41.         }
  42.         return $this->render('forgot_password/request.html.twig', [
  43.             'sent' => $sent,
  44.             'error' => $error,
  45.         ]);
  46.     }
  47.     #[Route('/reset-password/{token}'name'app_reset_password')]
  48.     public function reset(string $tokenRequest $requestUserRepository $userRepositoryEntityManagerInterface $emUserPasswordHasherInterface $passwordHasher): Response
  49.     {
  50.         $user $userRepository->findOneBy(['resetToken' => $token]);
  51.         if (!$user || !$user->getResetTokenExpiresAt() || $user->getResetTokenExpiresAt() < new \DateTimeImmutable()) {
  52.             return $this->render('forgot_password/invalid_token.html.twig');
  53.         }
  54.         $error null;
  55.         if ($request->isMethod('POST')) {
  56.             $password $request->request->get('password''');
  57.             $confirm $request->request->get('password_confirm''');
  58.             if (strlen($password) < 8) {
  59.                 $error 'Le mot de passe doit contenir au moins 8 caractères.';
  60.             } elseif ($password !== $confirm) {
  61.                 $error 'Les mots de passe ne correspondent pas.';
  62.             } else {
  63.                 $user->setPassword($passwordHasher->hashPassword($user$password));
  64.                 $user->setGeneratePasswordRecovery($password);
  65.                 $user->setResetToken(null);
  66.                 $user->setResetTokenExpiresAt(null);
  67.                 $em->flush();
  68.                 $this->addFlash('success''Votre mot de passe a été réinitialisé. Vous pouvez vous connecter.');
  69.                 return $this->redirectToRoute('app_login');
  70.             }
  71.         }
  72.         return $this->render('forgot_password/reset.html.twig', [
  73.             'token' => $token,
  74.             'error' => $error,
  75.         ]);
  76.     }
  77. }