src/Eccube/Controller/ForgotController.php line 79

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of EC-CUBE
  5.  *
  6.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  7.  *
  8.  * http://www.ec-cube.co.jp/
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Eccube\Controller;
  16. use Eccube\Event\EccubeEvents;
  17. use Eccube\Event\EventArgs;
  18. use Eccube\Form\Type\Front\ForgotType;
  19. use Eccube\Form\Type\Front\PasswordResetType;
  20. use Eccube\Repository\CustomerRepository;
  21. use Eccube\Service\MailService;
  22. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  23. use Symfony\Component\HttpFoundation\Request;
  24. use Symfony\Component\HttpKernel\Exception as HttpException;
  25. use Symfony\Component\Routing\Annotation\Route;
  26. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  27. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  28. use Symfony\Component\Validator\Constraints as Assert;
  29. use Symfony\Component\Validator\Validator\ValidatorInterface;
  31. class ForgotController extends AbstractController
  32. {
  33.     /**
  34.      * @var ValidatorInterface
  35.      */
  36.     protected $validator;
  38.     /**
  39.      * @var MailService
  40.      */
  41.     protected $mailService;
  43.     /**
  44.      * @var CustomerRepository
  45.      */
  46.     protected $customerRepository;
  48.     /**
  49.      * @var EncoderFactoryInterface
  50.      */
  51.     protected $encoderFactory;
  53.     /**
  54.      * ForgotController constructor.
  55.      *
  56.      * @param ValidatorInterface $validator
  57.      * @param MailService $mailService
  58.      * @param CustomerRepository $customerRepository
  59.      * @param EncoderFactoryInterface $encoderFactory
  60.      */
  61.     public function __construct(
  62.         ValidatorInterface $validator,
  63.         MailService $mailService,
  64.         CustomerRepository $customerRepository,
  65.         EncoderFactoryInterface $encoderFactory
  66.     ) {
  67.         $this->validator $validator;
  68.         $this->mailService $mailService;
  69.         $this->customerRepository $customerRepository;
  70.         $this->encoderFactory $encoderFactory;
  71.     }
  73.     /**
  74.      * パスワードリマインダ.
  75.      *
  76.      * @Route("/forgot", name="forgot", methods={"GET", "POST"})
  77.      * @Template("Forgot/index.twig")
  78.      */
  79.     public function index(Request $request)
  80.     {
  81.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  82.             throw new HttpException\NotFoundHttpException();
  83.         }
  85.         $builder $this->formFactory
  86.             ->createNamedBuilder(''ForgotType::class);
  88.         $event = new EventArgs(
  89.             [
  90.                 'builder' => $builder,
  91.             ],
  92.             $request
  93.         );
  94.         $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE);
  96.         $form $builder->getForm();
  97.         $form->handleRequest($request);
  99.         if ($form->isSubmitted() && $form->isValid()) {
  100.             $Customer $this->customerRepository
  101.                 ->getRegularCustomerByEmail($form->get('login_email')->getData());
  103.             if (!is_null($Customer)) {
  104.                 // リセットキーの発行・有効期限の設定
  105.                 $Customer
  106.                     ->setResetKey($this->customerRepository->getUniqueResetKey())
  107.                     ->setResetExpire(new \DateTime('+'.$this->eccubeConfig['eccube_customer_reset_expire'].' min'));
  109.                 // リセットキーを更新
  110.                 $this->entityManager->persist($Customer);
  111.                 $this->entityManager->flush();
  113.                 $event = new EventArgs(
  114.                     [
  115.                         'form' => $form,
  116.                         'Customer' => $Customer,
  117.                     ],
  118.                     $request
  119.                 );
  120.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_COMPLETE);
  122.                 // 完了URLの生成
  123.                 $reset_url $this->generateUrl('forgot_reset', ['reset_key' => $Customer->getResetKey()], UrlGeneratorInterface::ABSOLUTE_URL);
  125.                 // メール送信
  126.                 $this->mailService->sendPasswordResetNotificationMail($Customer$reset_url);
  128.                 // ログ出力
  129.                 log_info('send reset password mail to:'."{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}");
  130.             } else {
  131.                 log_warning(
  132.                     'Un active customer try send reset password email: ',
  133.                     ['Enter email' => $form->get('login_email')->getData()]
  134.                 );
  135.             }
  137.             return $this->redirectToRoute('forgot_complete');
  138.         }
  140.         return [
  141.             'form' => $form->createView(),
  142.         ];
  143.     }
  145.     /**
  146.      * 再設定URL送信完了画面.
  147.      *
  148.      * @Route("/forgot/complete", name="forgot_complete", methods={"GET"})
  149.      * @Template("Forgot/complete.twig")
  150.      */
  151.     public function complete(Request $request)
  152.     {
  153.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  154.             throw new HttpException\NotFoundHttpException();
  155.         }
  157.         return [];
  158.     }
  160.     /**
  161.      * パスワード再発行実行画面.
  162.      *
  163.      * @Route("/forgot/reset/{reset_key}", name="forgot_reset", methods={"GET", "POST"})
  164.      * @Template("Forgot/reset.twig")
  165.      */
  166.     public function reset(Request $request$reset_key)
  167.     {
  168.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  169. //            throw new HttpException\NotFoundHttpException();
  170.             return $this->render("Forgot/timeout.twig");
  171.         }
  173.         $errors $this->validator->validate(
  174.             $reset_key,
  175.             [
  176.                 new Assert\NotBlank(),
  177.                 new Assert\Regex(
  178.                     [
  179.                         'pattern' => '/^[a-zA-Z0-9]+$/',
  180.                     ]
  181.                 ),
  182.             ]
  183.         );
  185.         if (count($errors) > 0) {
  186.             // リセットキーに異常がある場合
  187.             throw new HttpException\NotFoundHttpException();
  188.         }
  190.         $Customer $this->customerRepository
  191.             ->getRegularCustomerByResetKey($reset_key);
  193.         if (null === $Customer) {
  194.             // リセットキーから会員データが取得できない場合
  195. //            throw new HttpException\NotFoundHttpException();
  196.             return $this->render("Forgot/timeout.twig");
  197.         }
  199.         $builder $this->formFactory
  200.             ->createNamedBuilder(''PasswordResetType::class);
  202.         $form $builder->getForm();
  203.         $form->handleRequest($request);
  204.         $error null;
  206.         if ($form->isSubmitted() && $form->isValid()) {
  207.             // リセットキー・入力メールアドレスで会員情報検索
  208.             $Customer $this->customerRepository
  209.                 ->getRegularCustomerByResetKey($reset_key$form->get('login_email')->getData());
  210.             if ($Customer) {
  211.                 // パスワードの発行・更新
  212.                 $encoder $this->encoderFactory->getEncoder($Customer);
  213.                 $pass $form->get('password')->getData();
  214.                 $Customer->setPassword($pass);
  216.                 // 発行したパスワードの暗号化
  217.                 if ($Customer->getSalt() === null) {
  218.                     $Customer->setSalt($this->encoderFactory->getEncoder($Customer)->createSalt());
  219.                 }
  220.                 $encPass $encoder->encodePassword($pass$Customer->getSalt());
  222.                 // パスワードを更新
  223.                 $Customer->setPassword($encPass);
  224.                 // リセットキーをクリア
  225.                 $Customer->setResetKey(null);
  227.                 // パスワードを更新
  228.                 $this->entityManager->persist($Customer);
  229.                 $this->entityManager->flush();
  231.                 $event = new EventArgs(
  232.                     [
  233.                         'Customer' => $Customer,
  234.                     ],
  235.                     $request
  236.                 );
  237.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_RESET_COMPLETE);
  239.                 // 完了メッセージを設定
  240.                 $this->addFlash('password_reset_complete'trans('front.forgot.reset_complete'));
  242.                 // ログインページへリダイレクト
  243.                 return $this->redirectToRoute('mypage_login');
  244.             } else {
  245.                 // リセットキー・メールアドレスから会員データが取得できない場合
  246.                 $error trans('front.forgot.reset_not_found');
  247.             }
  248.         }
  250.         return [
  251.             'error' => $error,
  252.             'form' => $form->createView(),
  253.         ];
  254.     }
  255. }