src/Eccube/Controller/ForgotController.php line 79

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of EC-CUBE
  5.  *
  6.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  7.  *
  8.  * http://www.ec-cube.co.jp/
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Eccube\Controller;
  16. use Eccube\Event\EccubeEvents;
  17. use Eccube\Event\EventArgs;
  18. use Eccube\Form\Type\Front\ForgotType;
  19. use Eccube\Form\Type\Front\PasswordResetType;
  20. use Eccube\Repository\CustomerRepository;
  21. use Eccube\Service\MailService;
  22. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  23. use Symfony\Component\HttpFoundation\Request;
  24. use Symfony\Component\HttpKernel\Exception as HttpException;
  25. use Symfony\Component\Routing\Annotation\Route;
  26. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  27. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  28. use Symfony\Component\Validator\Constraints as Assert;
  29. use Symfony\Component\Validator\Validator\ValidatorInterface;
  31. class ForgotController extends AbstractController
  32. {
  33.     /**
  34.      * @var ValidatorInterface
  35.      */
  36.     protected $validator;
  38.     /**
  39.      * @var MailService
  40.      */
  41.     protected $mailService;
  43.     /**
  44.      * @var CustomerRepository
  45.      */
  46.     protected $customerRepository;
  48.     /**
  49.      * @var EncoderFactoryInterface
  50.      */
  51.     protected $encoderFactory;
  53.     /**
  54.      * ForgotController constructor.
  55.      *
  56.      * @param ValidatorInterface $validator
  57.      * @param MailService $mailService
  58.      * @param CustomerRepository $customerRepository
  59.      * @param EncoderFactoryInterface $encoderFactory
  60.      */
  61.     public function __construct(
  62.         ValidatorInterface $validator,
  63.         MailService $mailService,
  64.         CustomerRepository $customerRepository,
  65.         EncoderFactoryInterface $encoderFactory
  66.     ) {
  67.         $this->validator $validator;
  68.         $this->mailService $mailService;
  69.         $this->customerRepository $customerRepository;
  70.         $this->encoderFactory $encoderFactory;
  71.     }
  73.     /**
  74.      * パスワードリマインダ.
  75.      *
  76.      * @Route("/forgot", name="forgot", methods={"GET", "POST"})
  77.      * @Template("Forgot/index.twig")
  78.      */
  79.     public function index(Request $request)
  80.     {
  81.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  82.             throw new HttpException\NotFoundHttpException();
  83.         }
  85.         $builder $this->formFactory
  86.             ->createNamedBuilder(''ForgotType::class);
  88.         $event = new EventArgs(
  89.             [
  90.                 'builder' => $builder,
  91.             ],
  92.             $request
  93.         );
  94.         $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE);
  96.         $form $builder->getForm();
  97.         $form->handleRequest($request);
  99.         if ($form->isSubmitted() && $form->isValid()) {
  100.             $Customer $this->customerRepository
  101.                 ->getRegularCustomerByEmail($form->get('login_email')->getData());
  103.             if (!is_null($Customer)) {
  104.                 // リセットキーの発行・有効期限の設定
  105.                 $Customer
  106.                     ->setResetKey($this->customerRepository->getUniqueResetKey())
  107.                     ->setResetExpire(new \DateTime('+'.$this->eccubeConfig['eccube_customer_reset_expire'].' min'));
  109.                 // リセットキーを更新
  110.                 $this->entityManager->persist($Customer);
  111.                 $this->entityManager->flush();
  113.                 $event = new EventArgs(
  114.                     [
  115.                         'form' => $form,
  116.                         'Customer' => $Customer,
  117.                     ],
  118.                     $request
  119.                 );
  120.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_COMPLETE);
  122.                 // 完了URLの生成
  123.                 $reset_url $this->generateUrl('forgot_reset', ['reset_key' => $Customer->getResetKey()], UrlGeneratorInterface::ABSOLUTE_URL);
  125.                 // プラザの場合はフラグを追加
  126.                 $layout $request->getSession()->get('header_footer_layout''palace');
  127.                 if ($layout === 'plaza') {
  128.                     $reset_url .= '?plaza=1';
  129.                 }
  131.                 // メール送信
  132.                 $this->mailService->sendPasswordResetNotificationMail($Customer$reset_url);
  134.                 // ログ出力
  135.                 log_info('send reset password mail to:'."{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}");
  136.             } else {
  137.                 log_warning(
  138.                     'Un active customer try send reset password email: ',
  139.                     ['Enter email' => $form->get('login_email')->getData()]
  140.                 );
  141.             }
  143.             return $this->redirectToRoute('forgot_complete');
  144.         }
  146.         return [
  147.             'form' => $form->createView(),
  148.         ];
  149.     }
  151.     /**
  152.      * 再設定URL送信完了画面.
  153.      *
  154.      * @Route("/forgot/complete", name="forgot_complete", methods={"GET"})
  155.      * @Template("Forgot/complete.twig")
  156.      */
  157.     public function complete(Request $request)
  158.     {
  159.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  160.             throw new HttpException\NotFoundHttpException();
  161.         }
  163.         return [];
  164.     }
  166.     /**
  167.      * パスワード再発行実行画面.
  168.      *
  169.      * @Route("/forgot/reset/{reset_key}", name="forgot_reset", methods={"GET", "POST"})
  170.      * @Template("Forgot/reset.twig")
  171.      */
  172.     public function reset(Request $request$reset_key)
  173.     {
  174.         if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  175.             throw new HttpException\NotFoundHttpException();
  176.         }
  178.         // プラザフラグをセッションにセット
  179.         if ($request->query->get('plaza') == '1') {
  180.             $request->getSession()->set('header_footer_layout''plaza');
  181.             log_info('パスワード再発行:プラザフラグをセッションにセット');
  182.         }
  184.         $errors $this->validator->validate(
  185.             $reset_key,
  186.             [
  187.                 new Assert\NotBlank(),
  188.                 new Assert\Regex(
  189.                     [
  190.                         'pattern' => '/^[a-zA-Z0-9]+$/',
  191.                     ]
  192.                 ),
  193.             ]
  194.         );
  196.         if (count($errors) > 0) {
  197.             // リセットキーに異常がある場合
  198.             throw new HttpException\NotFoundHttpException();
  199.         }
  201.         $Customer $this->customerRepository
  202.             ->getRegularCustomerByResetKey($reset_key);
  204.         if (null === $Customer) {
  205.             // リセットキーから会員データが取得できない場合
  206.             throw new HttpException\NotFoundHttpException();
  207.         }
  209.         $builder $this->formFactory
  210.             ->createNamedBuilder(''PasswordResetType::class);
  212.         $form $builder->getForm();
  213.         $form->handleRequest($request);
  214.         $error null;
  216.         if ($form->isSubmitted() && $form->isValid()) {
  217.             // リセットキー・入力メールアドレスで会員情報検索
  218.             $Customer $this->customerRepository
  219.                 ->getRegularCustomerByResetKey($reset_key$form->get('login_email')->getData());
  220.             if ($Customer) {
  221.                 // パスワードの発行・更新
  222.                 $encoder $this->encoderFactory->getEncoder($Customer);
  223.                 $pass $form->get('password')->getData();
  224.                 $Customer->setPassword($pass);
  226.                 // 発行したパスワードの暗号化
  227.                 if ($Customer->getSalt() === null) {
  228.                     $Customer->setSalt($this->encoderFactory->getEncoder($Customer)->createSalt());
  229.                 }
  230.                 $encPass $encoder->encodePassword($pass$Customer->getSalt());
  232.                 // パスワードを更新
  233.                 $Customer->setPassword($encPass);
  234.                 // リセットキーをクリア
  235.                 $Customer->setResetKey(null);
  237.                 // パスワードを更新
  238.                 $this->entityManager->persist($Customer);
  239.                 $this->entityManager->flush();
  241.                 $event = new EventArgs(
  242.                     [
  243.                         'Customer' => $Customer,
  244.                     ],
  245.                     $request
  246.                 );
  247.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_RESET_COMPLETE);
  249.                 // 完了メッセージを設定
  250.                 $this->addFlash('password_reset_complete'trans('front.forgot.reset_complete'));
  252.                 // ログインページへリダイレクト
  253.                 return $this->redirectToRoute('mypage_login');
  254.             } else {
  255.                 // リセットキー・メールアドレスから会員データが取得できない場合
  256.                 $error trans('front.forgot.reset_not_found');
  257.             }
  258.         }
  260.         return [
  261.             'error' => $error,
  262.             'form' => $form->createView(),
  263.         ];
  264.     }
  265. }