src/Controller/ResetPasswordController.php line 37
<?phpnamespace App\Controller;use App\Entity\User;use App\Form\ChangePasswordFormType;use App\Form\ResetPasswordRequestFormType;use Symfony\Bridge\Twig\Mime\TemplatedEmail;use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;use Symfony\Component\HttpFoundation\RedirectResponse;use Symfony\Component\HttpFoundation\Request;use Symfony\Component\HttpFoundation\Response;use Symfony\Component\Mailer\MailerInterface;use Symfony\Component\Mime\Address;use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;use Symfony\Component\Routing\Annotation\Route;use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;use Symfony\Component\Messenger\MessageBusInterface;use App\Message\SendEmailMessage;use Symfony\Component\Routing\Generator\UrlGeneratorInterface;#[Route(path: '/reset-password')]class ResetPasswordController extends AbstractController{use ResetPasswordControllerTrait;public function __construct(private ResetPasswordHelperInterface $resetPasswordHelper, private \Doctrine\Persistence\ManagerRegistry $managerRegistry){}/*** Display & process form to request a password reset.*/#[Route(path: '', name: 'app_forgot_password_request')]public function request(Request $request, MailerInterface $mailer,MessageBusInterface $bus): Response{$form = $this->createForm(ResetPasswordRequestFormType::class);$form->handleRequest($request);if ($form->isSubmitted() && $form->isValid()) {return $this->processSendingPasswordResetEmail($form->get('email')->getData(),// $mailer$bus);}return $this->render('reset_password/request.html.twig', ['requestForm' => $form,]);}/*** Confirmation page after a user has requested a password reset.*/#[Route(path: '/check-email', name: 'app_check_email')]public function checkEmail(): Response{// We prevent users from directly accessing this pageif (!$this->canCheckEmail()) {return $this->redirectToRoute('app_forgot_password_request');}return $this->render('reset_password/check_email.html.twig', ['tokenLifetime' => $this->resetPasswordHelper->getTokenLifetime(),]);}/*** Validates and process the reset URL that the user clicked in their email.*/#[Route(path: '/reset/{token}', name: 'app_reset_password')]public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, string $token = null): Response{if ($token) {// We store the token in session and remove it from the URL, to avoid the URL being// loaded in a browser and potentially leaking the token to 3rd party JavaScript.$this->storeTokenInSession($token);return $this->redirectToRoute('app_reset_password');}$token = $this->getTokenFromSession();if (null === $token) {throw $this->createNotFoundException('No se ha encontrado el token en la URL o en la sesión.');}try {$user = $this->resetPasswordHelper->validateTokenAndFetchUser($token);} catch (ResetPasswordExceptionInterface $e) {$this->addFlash('reset_password_error', sprintf('Ha habido un problema validando tu solicitud de restauración - %s',$e->getReason()));return $this->redirectToRoute('app_forgot_password_request');}// The token is valid; allow the user to change their password.$form = $this->createForm(ChangePasswordFormType::class);$form->handleRequest($request);if ($form->isSubmitted() && $form->isValid()) {// A password reset token should be used only once, remove it.$this->resetPasswordHelper->removeResetRequest($token);// Encode the plain password, and set it.$encodedPassword = $passwordHasher->hashPassword($user,$form->get('plainPassword')->getData());$user->setPassword($encodedPassword);$this->managerRegistry->getManager()->flush();// The session is cleaned up after the password has been changed.$this->cleanSessionAfterReset();return $this->redirectToRoute('app_login');}return $this->render('reset_password/reset.html.twig', ['resetForm' => $form,]);}private function processSendingPasswordResetEmail(string $emailFormData,MessageBusInterface $bus): RedirectResponse {$user = $this->managerRegistry->getRepository(User::class)->findOneBy(['email' => $emailFormData,]);$this->setCanCheckEmailInSession();if (!$user) {return $this->redirectToRoute('app_check_email');}try {$resetToken = $this->resetPasswordHelper->generateResetToken($user);} catch (ResetPasswordExceptionInterface $e) {$this->addFlash('reset_password_error','No se ha podido gestionar la solicitud de restauración.');return $this->redirectToRoute('app_forgot_password_request');}$resetUrl = $this->generateUrl('app_reset_password',['token' => $resetToken->getToken()],UrlGeneratorInterface::ABSOLUTE_URL);$bus->dispatch(new SendEmailMessage($user->getEmail(),'notifications/reset_password.html.twig','Restauración de contraseña',$user->getNomComplet(),['resetUrl' => $resetUrl,'tokenLifetime' => $this->resetPasswordHelper->getTokenLifetime(),]));$this->addFlash('success','Revise su correo para restaurar la contraseña.');return $this->redirectToRoute('app_check_email');}}