Update reset password

pull/3768/head
Julio 5 years ago
parent d30294da07
commit c007dec451
  1. 3
      config/packages/reset_password.yaml
  2. 27
      src/CoreBundle/Controller/ResetPasswordController.php
  3. 10
      src/CoreBundle/Entity/ResetPasswordRequest.php
  4. 15
      src/CoreBundle/Repository/ResetPasswordRequestRepository.php

@ -1,2 +1,5 @@
symfonycasts_reset_password: symfonycasts_reset_password:
request_password_repository: Chamilo\CoreBundle\Repository\ResetPasswordRequestRepository request_password_repository: Chamilo\CoreBundle\Repository\ResetPasswordRequestRepository
lifetime: 3600
throttle_limit: 3600
enable_garbage_collection: true

@ -62,12 +62,12 @@ class ResetPasswordController extends AbstractController
public function checkEmail(): Response public function checkEmail(): Response
{ {
// We prevent users from directly accessing this page // We prevent users from directly accessing this page
if (!$this->canCheckEmail()) { if (null === ($resetToken = $this->getTokenObjectFromSession())) {
return $this->redirectToRoute('app_forgot_password_request'); return $this->redirectToRoute('app_forgot_password_request');
} }
return $this->render('@ChamiloCore/reset_password/check_email.html.twig', [ return $this->render('@ChamiloCore/reset_password/check_email.html.twig', [
'tokenLifetime' => $this->resetPasswordHelper->getTokenLifetime(), 'resetToken' => $resetToken,
]); ]);
} }
@ -136,9 +136,6 @@ class ResetPasswordController extends AbstractController
'email' => $emailFormData, 'email' => $emailFormData,
]); ]);
// Marks that you are allowed to see the app_check_email page.
$this->setCanCheckEmailInSession();
// Do not reveal whether a user account was found or not. // Do not reveal whether a user account was found or not.
if (!$user) { if (!$user) {
return $this->redirectToRoute('app_check_email'); return $this->redirectToRoute('app_check_email');
@ -147,27 +144,33 @@ class ResetPasswordController extends AbstractController
try { try {
$resetToken = $this->resetPasswordHelper->generateResetToken($user); $resetToken = $this->resetPasswordHelper->generateResetToken($user);
} catch (ResetPasswordExceptionInterface $e) { } catch (ResetPasswordExceptionInterface $e) {
$this->addFlash('reset_password_error', sprintf( // If you want to tell the user why a reset email was not sent, uncomment
'There was a problem handling your password reset request - %s', // the lines below and change the redirect to 'app_forgot_password_request'.
$e->getReason() // Caution: This may reveal if a user is registered or not.
)); //
// $this->addFlash('reset_password_error', sprintf(
// 'There was a problem handling your password reset request - %s',
// $e->getReason()
// ));
return $this->redirectToRoute('app_forgot_password_request'); return $this->redirectToRoute('app_check_email');
} }
$email = (new TemplatedEmail()) $email = (new TemplatedEmail())
->from(new Address('test@test.com', 'test')) ->from(new Address('admin@example.com', 'Admin'))
->to($user->getEmail()) ->to($user->getEmail())
->subject('Your password reset request') ->subject('Your password reset request')
->htmlTemplate('@ChamiloCore/reset_password/email.html.twig') ->htmlTemplate('@ChamiloCore/reset_password/email.html.twig')
->context([ ->context([
'resetToken' => $resetToken, 'resetToken' => $resetToken,
'tokenLifetime' => $this->resetPasswordHelper->getTokenLifetime(),
]) ])
; ;
$mailer->send($email); $mailer->send($email);
// Store the token object in session for retrieval in check-email route.
$this->setTokenObjectInSession($resetToken);
return $this->redirectToRoute('app_check_email'); return $this->redirectToRoute('app_check_email');
} }
} }
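Review bot: The `!$user` branch and the new `catch` branch both redirect to `app_check_email` without storing a token in the session, while `checkEmail()` now sends the browser back to `app_forgot_password_request` whenever `getTokenObjectFromSession()` returns null. A request for an unknown or throttled address therefore ends on a different page than a request for a registered one, which defeats the "Do not reveal whether a user account was found or not" comment and the silent `catch`. Render the same page in both cases, for example `$resetToken = $this->getTokenObjectFromSession() ?? $this->resetPasswordHelper->generateFakeResetToken();` in `checkEmail()`, provided the installed reset-password-bundle version has that helper; otherwise keep a plain session flag and pass only the token lifetime to the template. The method that sends the e-mail starts outside the hunks shown, so the rest of its session handling could not be checked here.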

@ -14,16 +14,16 @@ class ResetPasswordRequest implements ResetPasswordRequestInterface
use ResetPasswordRequestTrait; use ResetPasswordRequestTrait;
/** /**
* @ORM\Id() * @ORM\Id
* @ORM\GeneratedValue() * @ORM\GeneratedValue
* @ORM\Column(type="integer") * @ORM\Column(type="integer")
*/ */
protected $id; private $id;
/** /**
* @ORM\ManyToOne(targetEntity="Chamilo\CoreBundle\Entity\User") * @ORM\ManyToOne(targetEntity="Chamilo\CoreBundle\Entity\User")
*/ */
protected $user; private $user;
public function __construct(object $user, \DateTimeInterface $expiresAt, string $selector, string $hashedToken) public function __construct(object $user, \DateTimeInterface $expiresAt, string $selector, string $hashedToken)
{ {
@ -31,7 +31,7 @@ class ResetPasswordRequest implements ResetPasswordRequestInterface
$this->initialize($expiresAt, $selector, $hashedToken); $this->initialize($expiresAt, $selector, $hashedToken);
} }
public function getId() public function getId(): ?int
{ {
return $this->id; return $this->id;
} }

@ -24,17 +24,8 @@ class ResetPasswordRequestRepository extends ServiceEntityRepository implements
parent::__construct($registry, ResetPasswordRequest::class); parent::__construct($registry, ResetPasswordRequest::class);
} }
public function createResetPasswordRequest( public function createResetPasswordRequest(object $user, \DateTimeInterface $expiresAt, string $selector, string $hashedToken): ResetPasswordRequestInterface
object $user, {
\DateTimeInterface $expiresAt, return new ResetPasswordRequest($user, $expiresAt, $selector, $hashedToken);
string $selector,
string $hashedToken
): ResetPasswordRequestInterface {
return new ResetPasswordRequest(
$user,
$expiresAt,
$selector,
$hashedToken
);
} }
} }
