src/Eccube/Controller/ForgotController.php line 79

Open in your IDE?
  1. <?php
  2. /*
  3.  * This file is part of EC-CUBE
  4.  *
  5.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  6.  *
  7.  * http://www.ec-cube.co.jp/
  8.  *
  9.  * For the full copyright and license information, please view the LICENSE
  10.  * file that was distributed with this source code.
  11.  */
  12. namespace Eccube\Controller;
  13. use Eccube\Event\EccubeEvents;
  14. use Eccube\Event\EventArgs;
  15. use Eccube\Form\Type\Front\ForgotType;
  16. use Eccube\Form\Type\Front\PasswordResetType;
  17. use Eccube\Repository\CustomerRepository;
  18. use Eccube\Service\MailService;
  19. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\HttpKernel\Exception as HttpException;
  22. use Symfony\Component\Routing\Annotation\Route;
  23. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  24. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  25. use Symfony\Component\Validator\Constraints as Assert;
  26. use Symfony\Component\Validator\Validator\ValidatorInterface;
  27. class ForgotController extends AbstractController
  28. {
  29.     /**
  30.      * @var ValidatorInterface
  31.      */
  32.     protected $validator;
  33.     /**
  34.      * @var MailService
  35.      */
  36.     protected $mailService;
  37.     /**
  38.      * @var CustomerRepository
  39.      */
  40.     protected $customerRepository;
  41.     /**
  42.      * @var EncoderFactoryInterface
  43.      */
  44.     protected $encoderFactory;
  45.     /**
  46.      * ForgotController constructor.
  47.      *
  48.      * @param ValidatorInterface $validator
  49.      * @param MailService $mailService
  50.      * @param CustomerRepository $customerRepository
  51.      * @param EncoderFactoryInterface $encoderFactory
  52.      */
  53.     public function __construct(
  54.         ValidatorInterface $validator,
  55.         MailService $mailService,
  56.         CustomerRepository $customerRepository,
  57.         EncoderFactoryInterface $encoderFactory
  58.     ) {
  59.         $this->validator $validator;
  60.         $this->mailService $mailService;
  61.         $this->customerRepository $customerRepository;
  62.         $this->encoderFactory $encoderFactory;
  63.     }
  64.     /**
  65.      * パスワードリマインダ.
  66.      *
  67.      * @Route("/forgot", name="forgot", methods={"GET", "POST"})
  68.      * @Template("Forgot/index.twig")
  69.      */
  70.     public function index(Request $request)
  71.     {
  72.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  73.             throw new HttpException\NotFoundHttpException();
  74.         }
  75.         $builder $this->formFactory
  76.             ->createNamedBuilder(''ForgotType::class);
  77.         $event = new EventArgs(
  78.             [
  79.                 'builder' => $builder,
  80.             ],
  81.             $request
  82.         );
  83.         $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE);
  84.         $form $builder->getForm();
  85.         $form->handleRequest($request);
  86.         if ($form->isSubmitted() && $form->isValid()) {
  87.             $Customer $this->customerRepository
  88.                 ->getRegularCustomerByEmail($form->get('login_email')->getData());
  89.             if (!is_null($Customer)) {
  90.                 // リセットキーの発行・有効期限の設定
  91.                 $Customer
  92.                     ->setResetKey($this->customerRepository->getUniqueResetKey())
  93.                     ->setResetExpire(new \DateTime('+'.$this->eccubeConfig['eccube_customer_reset_expire'].' min'));
  94.                 // リセットキーを更新
  95.                 $this->entityManager->persist($Customer);
  96.                 $this->entityManager->flush();
  97.                 $event = new EventArgs(
  98.                     [
  99.                         'form' => $form,
  100.                         'Customer' => $Customer,
  101.                     ],
  102.                     $request
  103.                 );
  104.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_COMPLETE);
  105.                 // 完了URLの生成
  106.                 $reset_url $this->generateUrl('forgot_reset', ['reset_key' => $Customer->getResetKey()], UrlGeneratorInterface::ABSOLUTE_URL);
  107.                 // メール送信
  108.                 $this->mailService->sendPasswordResetNotificationMail($Customer$reset_url);
  109.                 // ログ出力
  110.                 log_info('send reset password mail to:'."{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}");
  111.             } else {
  112.                 log_warning(
  113.                     'Un active customer try send reset password email: ',
  114.                     ['Enter email' => $form->get('login_email')->getData()]
  115.                 );
  116.             }
  117.             return $this->redirectToRoute('forgot_complete');
  118.         }
  119.         return [
  120.             'form' => $form->createView(),
  121.         ];
  122.     }
  123.     /**
  124.      * 再設定URL送信完了画面.
  125.      *
  126.      * @Route("/forgot/complete", name="forgot_complete", methods={"GET"})
  127.      * @Template("Forgot/complete.twig")
  128.      */
  129.     public function complete(Request $request)
  130.     {
  131.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  132.             throw new HttpException\NotFoundHttpException();
  133.         }
  134.         return [];
  135.     }
  136.     /**
  137.      * パスワード再発行実行画面.
  138.      *
  139.      * @Route("/forgot/reset/{reset_key}", name="forgot_reset", methods={"GET", "POST"})
  140.      * @Template("Forgot/reset.twig")
  141.      */
  142.     public function reset(Request $request$reset_key)
  143.     {
  144.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  145.             throw new HttpException\NotFoundHttpException();
  146.         }
  147.         $errors $this->validator->validate(
  148.             $reset_key,
  149.             [
  150.                 new Assert\NotBlank(),
  151.                 new Assert\Regex(
  152.                     [
  153.                         'pattern' => '/^[a-zA-Z0-9]+$/',
  154.                     ]
  155.                 ),
  156.             ]
  157.         );
  158.         if (count($errors) > 0) {
  159.             // リセットキーに異常がある場合
  160.             throw new HttpException\NotFoundHttpException();
  161.         }
  162.         $Customer $this->customerRepository
  163.             ->getRegularCustomerByResetKey($reset_key);
  164.         if (null === $Customer) {
  165.             // リセットキーから会員データが取得できない場合
  166.             throw new HttpException\NotFoundHttpException();
  167.         }
  168.         $builder $this->formFactory
  169.             ->createNamedBuilder(''PasswordResetType::class);
  170.         $form $builder->getForm();
  171.         $form->handleRequest($request);
  172.         $error null;
  173.         if ($form->isSubmitted() && $form->isValid()) {
  174.             // リセットキー・入力メールアドレスで会員情報検索
  175.             $Customer $this->customerRepository
  176.                 ->getRegularCustomerByResetKey($reset_key$form->get('login_email')->getData());
  177.             if ($Customer) {
  178.                 // パスワードの発行・更新
  179.                 $encoder $this->encoderFactory->getEncoder($Customer);
  180.                 $pass $form->get('password')->getData();
  181.                 $Customer->setPassword($pass);
  182.                 // 発行したパスワードの暗号化
  183.                 if ($Customer->getSalt() === null) {
  184.                     $Customer->setSalt($this->encoderFactory->getEncoder($Customer)->createSalt());
  185.                 }
  186.                 $encPass $encoder->encodePassword($pass$Customer->getSalt());
  187.                 // パスワードを更新
  188.                 $Customer->setPassword($encPass);
  189.                 // リセットキーをクリア
  190.                 $Customer->setResetKey(null);
  191.                 // パスワードを更新
  192.                 $this->entityManager->persist($Customer);
  193.                 $this->entityManager->flush();
  194.                 $event = new EventArgs(
  195.                     [
  196.                         'Customer' => $Customer,
  197.                     ],
  198.                     $request
  199.                 );
  200.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_RESET_COMPLETE);
  201.                 // 完了メッセージを設定
  202.                 $this->addFlash('password_reset_complete'trans('front.forgot.reset_complete'));
  203.                 // ログインページへリダイレクト
  204.                 return $this->redirectToRoute('mypage_login');
  205.             } else {
  206.                 // リセットキー・メールアドレスから会員データが取得できない場合
  207.                 $error trans('front.forgot.reset_not_found');
  208.             }
  209.         }
  210.         return [
  211.             'error' => $error,
  212.             'form' => $form->createView(),
  213.         ];
  214.     }
  215. }