src/Controller/Admin/Security/ChangePassword/ChangePasswordController.php line 43

Open in your IDE?
  1. <?php
  2. /**
  3.  * @author Yenier Jimenez <yjmorales86@gmail.com>
  4.  */
  6. namespace App\Controller\Admin\Security\ChangePassword;
  8. use App\Api\Core\Model\ApiEmptyResponse;
  9. use App\Controller\Core\BaseController;
  10. use App\Entity\User;
  11. use App\Form\Admin\Unauthenticated\User\ChangePasswordFormType;
  12. use Common\Communication\HtmlMailer\Mailer;
  13. use Common\Communication\HtmlMailer\MailerMessage;
  14. use Common\DataManagement\Validator\DataValidator;
  15. use Common\DataStorage\Redis\RedisCacheRegistry;
  16. use Common\Security\AntiSpam\ReCaptcha\v3\Exception\ReCaptchaV3Exception;
  17. use Common\Security\AntiSpam\ReCaptcha\v3\ReCaptchaV3Validator;
  18. use Doctrine\Persistence\ManagerRegistry;
  19. use Exception;
  20. use stdClass;
  21. use Symfony\Component\HttpFoundation\JsonResponse;
  22. use Symfony\Component\HttpFoundation\Request;
  23. use Symfony\Component\HttpFoundation\Response;
  24. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  25. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  26. use Symfony\Component\Routing\RouterInterface;
  27. use Symfony\Component\Routing\Annotation\Route;
  29. /**
  30.  * Controller to change password.
  31.  *
  32.  * @Route("/admin/change-password")
  33.  */
  34. class ChangePasswordController extends BaseController
  35. {
  36.     /**
  37.      * Responsible to render the page to enter the email.
  38.      *
  39.      * @Route("/enter-email", name="bo_change_password_enter_email")
  40.      *
  41.      * @return Response
  42.      */
  43.     public function enterEmail(): Response
  44.     {
  45.         return $this->render('/admin/unauthenticated/security/recover_password/change_password_enter_email.html.twig', [
  46.             'recaptchaV3SiteKey' => $this->getParameter('operation_cpg_recaptcha_v3_site_key'),
  47.         ]);
  48.     }
  50.     /**
  51.      * Responsible to generate and send the change password link.
  52.      *
  53.      * @Route("/send-link", name="bo_change_password_send_link")
  54.      *
  55.      * @param Request              $request
  56.      * @param Mailer               $mailer
  57.      * @param RedisCacheRegistry   $cache
  58.      * @param RouterInterface      $router
  59.      * @param ManagerRegistry      $doctrine
  60.      * @param ReCaptchaV3Validator $reCaptchaV3Validator
  61.      *
  62.      * @return Response
  63.      *
  64.      * @throws ReCaptchaV3Exception
  65.      * @throws Exception
  66.      */
  67.     public function sendLink(
  68.         Request $request,
  69.         Mailer $mailer,
  70.         RedisCacheRegistry $cache,
  71.         RouterInterface $router,
  72.         ManagerRegistry $doctrine,
  73.         ReCaptchaV3Validator $reCaptchaV3Validator
  74.     ): Response {
  76.         $validRecaptcha $reCaptchaV3Validator->validateByUserAction();
  77.         if (!$validRecaptcha) {
  78.             throw new Exception('You are a robot.');
  79.         }
  81.         $valid $this->validator()->isValidString($email $request->get('email'));
  82.         if (!$valid) {
  83.             throw new Exception('The email is invalid.');
  84.         }
  86.         $ttlMinutes   15;
  87.         $hash         md5(uniqid());
  88.         $route        $router->generate('bo_change_password_enter_new_password', ['hash' => $hash]);
  89.         $link         $_SERVER['HTTP_ORIGIN'] . $route;
  90.         $user         $this->repository($doctrineUser::class)->findOneByEmail($email);
  91.         $data         = new stdClass();
  92.         $data->userId $user->getId();
  93.         $data->link   $link;
  94.         $cache->set($hash$data$ttlMinutes 60); // Save hash for 15 minutes.
  95.         $title $this->getParameter('system_name');
  96.         $msg   = new MailerMessage("$title - Recover password."$email);
  97.         $msg->setContext([
  98.             'emailAddress' => $email,
  99.             'link'         => $data->link,
  100.             'ttlMinutes'   => $ttlMinutes,
  101.         ]);
  102.         $msg->setHtmlTemplate('/admin/email/security/change_password/change_password_link.html.twig');
  104.         if (!$mailer->send($msg)) {
  105.             throw new Exception('The link to change the password was not able to be sent.');
  106.         }
  108.         return $this->buildJsonResponse(new ApiEmptyResponse());
  109.     }
  111.     /**
  112.      * Updates the password.
  113.      *
  114.      * @Route("/enter-new-password", name="bo_change_password_enter_new_password")
  115.      *
  116.      * @param Request            $request
  117.      * @param RedisCacheRegistry $cache
  118.      *
  119.      * @return JsonResponse
  120.      *
  121.      * @throws Exception
  122.      */
  123.     public function enterNewPassword(Request $requestRedisCacheRegistry $cache): Response
  124.     {
  125.         $title       $this->getParameter('system_name');
  126.         $form        $this->createForm(ChangePasswordFormType::class);
  127.         $hash        $request->get('hash');
  128.         $noSentHash  = !$hash;
  129.         $expiredHash = !$cache->get($hash);
  131.         return $this->render('/admin/unauthenticated/security/recover_password/change_password_enter_new_password.html.twig',
  132.             [
  133.                 'title'              => $title,
  134.                 'noSentHash'         => $noSentHash,
  135.                 'expiredHash'        => $expiredHash,
  136.                 'form'               => $form->createView(),
  137.                 'recaptchaV3SiteKey' => $this->getParameter('operation_cpg_recaptcha_v3_site_key'),
  138.                 'hash'               => $hash
  139.             ]);
  140.     }
  142.     /**
  143.      * Updates the password.
  144.      *
  145.      * @Route("/update", name="bo_change_password_update")
  146.      *
  147.      * @param Request                     $request
  148.      * @param ManagerRegistry             $doctrine
  149.      * @param RedisCacheRegistry          $cache
  150.      * @param UserPasswordHasherInterface $passwordHasher
  151.      * @param Mailer                      $mailer
  152.      * @param ReCaptchaV3Validator        $reCaptchaV3Validator
  153.      *
  154.      * @return JsonResponse
  155.      *
  156.      * @throws ReCaptchaV3Exception
  157.      * @throws Exception
  158.      */
  159.     public function update(
  160.         Request $request,
  161.         ManagerRegistry $doctrine,
  162.         RedisCacheRegistry $cache,
  163.         UserPasswordHasherInterface $passwordHasher,
  164.         Mailer $mailer,
  165.         ReCaptchaV3Validator $reCaptchaV3Validator
  166.     ): Response {
  168.         $validRecaptcha $reCaptchaV3Validator->validateByUserAction();
  169.         if (!$validRecaptcha) {
  170.             throw new Exception('You are a robot.');
  171.         }
  173.         $hash $request->get('hash');
  174.         if (!$cacheData $cache->get($hash)) {
  175.             $this->notifyError('The token to recover the password is already expired.');
  177.             throw new NotFoundHttpException('The hash is invalid');
  178.         }
  180.         $title $this->getParameter('system_name');
  181.         $form  $this->createForm(ChangePasswordFormType::class);
  182.         $form->handleRequest($request);
  184.         if (!$form->isSubmitted() || !$form->isValid()) {
  185.             $this->notifyError('The password you submitted is invalid.');
  187.             return $this->redirectToRoute('bo_change_password_enter_new_password', ['hash' => $hash]);
  188.         }
  190.         $password $form->get('password')->getData();
  191.         $isValid  $this->validator()->isValidString($password);
  193.         if (!$isValid) {
  194.             $this->notifyError('The password is invalid.');
  196.             return $this->redirectToRoute('bo_change_password_enter_new_password', ['hash' => $hash]);
  197.         }
  199.         $user $this->repository($doctrineUser::class)->find($cacheData->userId);
  200.         $user->setPassword($passwordHasher->hashPassword($user$password));
  201.         $this->em($doctrine)->persist($user);
  202.         $this->em($doctrine)->flush();
  203.         $msg = new MailerMessage("$title - Password changed."$user->getEmail());
  204.         $msg->setHtmlTemplate('/admin/email/security/change_password/change_password_notification.html.twig');
  205.         $mailer->send($msg);
  207.         return $this->redirectToRoute('bo_change_password_success', ['hash' => $hash]);
  208.     }
  210.     /**
  211.      * Renders a page to display that the password has been updated successfully.
  212.      *
  213.      * @Route("/success/{hash}", name="bo_change_password_success")
  214.      * @throws Exception
  215.      */
  216.     public function success(Request $requestRedisCacheRegistry $cache): Response
  217.     {
  218.         if (!$hash $request->get('hash')) {
  219.             return $this->redirectToRoute('bo_login');
  220.         }
  221.         if (!$cache->get($hash)) {
  222.             return $this->redirectToRoute('bo_login');
  223.         }
  225.         $cache->purge($hash);
  227.         return $this->render('/admin/unauthenticated/security/recover_password/changed_password_successfully.html.twig',
  228.             [
  229.                 'recaptchaV3SiteKey' => $this->getParameter('operation_cpg_recaptcha_v3_site_key'),
  230.             ]);
  231.     }
  232. }