fix: update reset password controller to use smtp settings from config
This commit is contained in:
@@ -6,16 +6,16 @@ use App\User\Framework\Entity\User;
|
||||
use App\User\Framework\Form\ChangePasswordForm;
|
||||
use App\User\Framework\Form\ResetPasswordRequestForm;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Mailer\MailerInterface;
|
||||
use Symfony\Component\Mime\Address;
|
||||
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
|
||||
use Symfony\Component\Routing\Attribute\Route;
|
||||
use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
use Symfony\Contracts\Translation\TranslatorInterface;
|
||||
use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
|
||||
use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
|
||||
@@ -28,7 +28,8 @@ class ResetPasswordController extends AbstractController
|
||||
|
||||
public function __construct(
|
||||
private ResetPasswordHelperInterface $resetPasswordHelper,
|
||||
private EntityManagerInterface $entityManager
|
||||
private EntityManagerInterface $entityManager,
|
||||
private readonly Security $security
|
||||
) {
|
||||
}
|
||||
|
||||
@@ -36,17 +37,18 @@ class ResetPasswordController extends AbstractController
|
||||
* Display & process form to request a password reset.
|
||||
*/
|
||||
#[Route('', name: 'app_forgot_password_request')]
|
||||
public function request(Request $request, MailerInterface $mailer, TranslatorInterface $translator): Response
|
||||
{
|
||||
public function request(
|
||||
Request $request,
|
||||
MailerInterface $mailer,
|
||||
LoggerInterface $logger
|
||||
): Response {
|
||||
$form = $this->createForm(ResetPasswordRequestForm::class);
|
||||
$form->handleRequest($request);
|
||||
|
||||
if ($form->isSubmitted() && $form->isValid()) {
|
||||
/** @var string $email */
|
||||
$email = $form->get('email')->getData();
|
||||
|
||||
return $this->processSendingPasswordResetEmail($email, $mailer, $translator
|
||||
);
|
||||
return $this->processSendingPasswordResetEmail($email, $mailer, $logger);
|
||||
}
|
||||
|
||||
return $this->render('user/reset_password/request.html.twig', [
|
||||
@@ -75,8 +77,12 @@ class ResetPasswordController extends AbstractController
|
||||
* Validates and process the reset URL that the user clicked in their email.
|
||||
*/
|
||||
#[Route('/reset/{token}', name: 'app_reset_password')]
|
||||
public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, TranslatorInterface $translator, ?string $token = null): Response
|
||||
{
|
||||
public function reset(
|
||||
Request $request,
|
||||
UserPasswordHasherInterface $passwordHasher,
|
||||
TranslatorInterface $translator,
|
||||
?string $token = null
|
||||
): Response {
|
||||
if ($token) {
|
||||
// We store the token in session and remove it from the URL, to avoid the URL being
|
||||
// loaded in a browser and potentially leaking the token to 3rd party JavaScript.
|
||||
@@ -130,8 +136,11 @@ class ResetPasswordController extends AbstractController
|
||||
]);
|
||||
}
|
||||
|
||||
private function processSendingPasswordResetEmail(string $emailFormData, MailerInterface $mailer, TranslatorInterface $translator): RedirectResponse
|
||||
{
|
||||
private function processSendingPasswordResetEmail(
|
||||
string $emailFormData,
|
||||
MailerInterface $mailer,
|
||||
LoggerInterface $logger
|
||||
): RedirectResponse {
|
||||
$user = $this->entityManager->getRepository(User::class)->findOneBy([
|
||||
'email' => $emailFormData,
|
||||
]);
|
||||
@@ -144,21 +153,17 @@ class ResetPasswordController extends AbstractController
|
||||
try {
|
||||
$resetToken = $this->resetPasswordHelper->generateResetToken($user);
|
||||
} catch (ResetPasswordExceptionInterface $e) {
|
||||
// If you want to tell the user why a reset email was not sent, uncomment
|
||||
// the lines below and change the redirect to 'app_forgot_password_request'.
|
||||
// Caution: This may reveal if a user is registered or not.
|
||||
//
|
||||
// $this->addFlash('reset_password_error', sprintf(
|
||||
// '%s - %s',
|
||||
// $translator->trans(ResetPasswordExceptionInterface::MESSAGE_PROBLEM_HANDLE, [], 'ResetPasswordBundle'),
|
||||
// $translator->trans($e->getReason(), [], 'ResetPasswordBundle')
|
||||
// ));
|
||||
$logger->error('> [ResetPasswordController@processSendingPasswordResetEmail] ' . $e->getMessage());
|
||||
|
||||
$this->addFlash(
|
||||
'reset_password_error',
|
||||
'Your password reset token could not be generated. If you\'re the system administrator, check the server logs for more details.'
|
||||
);
|
||||
|
||||
return $this->redirectToRoute('app_check_email');
|
||||
}
|
||||
|
||||
$email = (new TemplatedEmail())
|
||||
->from(new Address('notify@caldwell.digital', 'Torsearch'))
|
||||
->to((string) $user->getEmail())
|
||||
->subject('Your password reset request')
|
||||
->htmlTemplate('user/reset_password/email.html.twig')
|
||||
|
||||
Reference in New Issue
Block a user