src/AppBundle/Controller/PasswordResetController.php line 23

  1. <?php
  2. namespace AppBundle\Controller;
  3. use Biz\Common\BizSms;
  4. use Biz\System\Service\SettingService;
  5. use Symfony\Component\HttpFoundation\Request;
  6. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
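  /**
   * Password-reset flow: request a reset by e-mail or by SMS code, then set a
   * new password using a one-time `password-reset` token.
   *
   * None of the actions requires a logged-in user (they only branch on
   * isLogin()), so every request parameter is handled as untrusted input.
   */
  class PasswordResetController extends BaseController
  {
      /**
       * Renders the "forgot password" entry page.
       *
       * A logged-in user whose account is not set up, or whose e-mail contains
       * `@edusoho.net`, is redirected to the homepage instead.
       *
       * @param Request $request
       *
       * @return \Symfony\Component\HttpFoundation\Response
       */
      public function indexAction(Request $request)
      {
          $user = $this->getCurrentUser();
          if ($user->isLogin()) {
              // Strict comparison: stripos() returns 0 for a match at offset 0,
              // and `false != 0` is false, so the loose form missed that case.
              $hasEdusohoEmail = false !== stripos($user['email'], '@edusoho.net');
              if (!$user['setup'] || $hasEdusohoEmail) {
                  return $this->redirect($this->generateUrl('homepage'));
              }
          }

          return $this->render(
              'password-reset/index.html.twig'
          );
      }

      /**
       * Creates a `password-reset` token (valid for one day) for the account
       * that owns the posted e-mail address and mails the reset link to it.
       *
       * Responds with JSON: `{"error": {"message": <translation key>}}` on
       * failure, `{"goto": <url of the "mail sent" page>}` on success.
       *
       * @param Request $request POST body carries `email`
       *
       * @return \Symfony\Component\HttpFoundation\Response
       */
      public function resetByEmailAction(Request $request)
      {
          $email = $request->request->get('email');
          // Array-valued input (email[]=...) is rejected together with an empty value.
          if (empty($email) || !is_string($email)) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.message.email_empty']]);
          }

          // A logged-in user may only request a reset for their own address.
          $currentUser = $this->getCurrentUser();
          if ($currentUser->isLogin() && $currentUser['email'] !== $email) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.message.email_not_match']]);
          }

          $user = $this->getUserService()->getUserByEmail($email);
          if (empty($user)) {
              // NOTE(review): the error keys returned here differ from the
              // success response, so the endpoint discloses whether an address
              // is registered. Confirm that rate limiting or a captcha sits in
              // front of this action.
              list($result) = $this->getAuthService()->checkEmail($email);
              // Strict comparison: with `==`, PHP < 8 treats 0 as equal to any
              // non-numeric string.
              if ('error_duplicate' === $result) {
                  return $this->createJsonResponse(['error' => ['message' => 'password_reset.message.error_duplicate']]);
              }

              return $this->createJsonResponse(['error' => ['message' => 'password_reset.message.email_login_error']]);
          }

          $token = $this->getUserService()->makeToken('password-reset', $user['id'], strtotime('+1 day'));

          try {
              $site = $this->setting('site', []);

              // NOTE(review): ABSOLUTE_URL takes scheme and host from the current
              // request context. Confirm trusted hosts (or a fixed router
              // context) are configured, otherwise a forged Host header would
              // end up in the mailed reset link.
              $verifyUrl = $this->generateUrl('password_reset_update', ['token' => $token], UrlGeneratorInterface::ABSOLUTE_URL);

              $mailOptions = [
                  'to' => $user['email'],
                  'template' => 'email_reset_password',
                  'format' => 'html',
                  'params' => [
                      'nickname' => $user['nickname'],
                      'verifyurl' => $verifyUrl,
                      // The `site` setting defaults to [] above, so both keys may be absent.
                      'sitename' => isset($site['name']) ? $site['name'] : '',
                      'siteurl' => isset($site['url']) ? $site['url'] : '',
                  ],
              ];

              $mailFactory = $this->getBiz()->offsetGet('mail_factory');
              $mail = $mailFactory($mailOptions);
              $mail->send();
          } catch (\Exception $e) {
              $this->getLogService()->error('user', 'password-reset', '重设密码邮件发送失败:'.$e->getMessage());

              return $this->createJsonResponse(['error' => ['message' => 'password_reset.message.reset_error']]);
          }

          $this->getLogService()->info('user', 'password-reset', "{$user['email']}向发送了找回密码邮件。");

          return $this->createJsonResponse([
              'goto' => $this->generateUrl('password_reset_email_sent', ['email' => base64_encode($email)]),
          ]);
      }

      /**
       * Renders the "reset mail sent" page for the base64-encoded address in
       * the `email` query parameter.
       *
       * The parameter is caller-controlled: nothing ties it to a reset that
       * was actually requested, so the template receives whatever address the
       * URL carries.
       *
       * @param Request $request
       *
       * @return \Symfony\Component\HttpFoundation\Response
       */
      public function emailSentAction(Request $request)
      {
          $encoded = $request->query->get('email', '');
          // Strict mode returns false for input outside the base64 alphabet
          // instead of silently decoding the remainder.
          $decoded = is_string($encoded) ? base64_decode($encoded, true) : false;
          $email = false === $decoded ? '' : $decoded;

          // NOTE(review): $email is reflected into the page; this relies on the
          // template escaping it — confirm autoescaping is on for sent.html.twig.
          return $this->render('password-reset/sent.html.twig', [
              'email' => $email,
              'emailLoginUrl' => $this->getEmailLoginUrl($email),
          ]);
      }

      /**
       * Shows the "choose a new password" form for a valid `password-reset`
       * token and, on POST, changes the password and deletes the token.
       *
       * The token is read from the query string first, then from the POST body.
       * A POST whose password is empty or does not match `confirmPassword`
       * re-renders the form.
       *
       * @param Request $request
       *
       * @return \Symfony\Component\HttpFoundation\Response
       */
      public function updateAction(Request $request)
      {
          $submittedToken = $request->query->get('token') ?: $request->request->get('token');
          $token = $this->getUserService()->getToken('password-reset', $submittedToken);
          if (empty($token)) {
              return $this->render(
                  'password-reset/error.html.twig'
              );
          }

          if ($request->isMethod('POST')) {
              $password = $request->request->get('password');
              $confirmPassword = $request->request->get('confirmPassword');

              // is_string() keeps array-valued input (password[]=...) away from the
              // auth service. NOTE(review): no length or strength rule is applied
              // here — presumably AuthService enforces one; confirm.
              if (!empty($password) && is_string($password) && $password === $confirmPassword) {
                  $this->getAuthService()->changePassword($token['userId'], null, $password);
                  // Delete the token so the mailed link cannot be used a second time.
                  $this->getUserService()->deleteToken('password-reset', $token['token']);
                  $this->getUserService()->changePasswordUpgraded($token['userId']);

                  return $this->render(
                      'password-reset/success.html.twig'
                  );
              }
          }

          return $this->render(
              'password-reset/update.html.twig'
          );
      }

      /**
       * Applies the password change stored in an `email_password_reset` token.
       *
       * The user id and the `rawPassword` payload both come from the verified
       * token's data, never from the request itself.
       *
       * NOTE(review): this changes account state on a GET request driven by a
       * single query parameter. Confirm the token is single-use and
       * short-lived, since URLs end up in logs, browser history and Referer
       * headers.
       *
       * @param Request $request query string carries `token`
       *
       * @return \Symfony\Component\HttpFoundation\Response
       */
      public function changeRawPasswordAction(Request $request)
      {
          $submittedToken = $request->query->get('token');
          // A missing or array-valued token previously hit an undefined index.
          if (empty($submittedToken) || !is_string($submittedToken)) {
              return $this->render(
                  'password-reset/raw-error.html.twig'
              );
          }

          $userToken = $this->getTokenService()->verifyToken('email_password_reset', $submittedToken);
          // Stop when verification fails or the token lacks the expected data,
          // rather than passing nulls on to changeRawPassword().
          if (empty($userToken['data']['userId']) || !isset($userToken['data']['rawPassword'])) {
              return $this->render(
                  'password-reset/raw-error.html.twig'
              );
          }

          $changed = $this->getUserService()->changeRawPassword($userToken['data']['userId'], $userToken['data']['rawPassword']);
          if (!$changed) {
              return $this->render(
                  'password-reset/raw-error.html.twig'
              );
          }

          return $this->render(
              'password-reset/raw-success.html.twig'
          );
      }

      /**
       * Verifies an SMS code for a mobile number and, when it is accepted,
       * issues a `password-reset` token (valid for one day) for the account
       * that owns that verified mobile.
       *
       * Responds with JSON: `{"error": {"message": <translation key>}}` on
       * failure, `{"goto": <url of the update form including the token>}` on
       * success.
       *
       * @param Request $request POST body carries `mobile`, `sms_token`, `sms_code`
       *
       * @return \Symfony\Component\HttpFoundation\Response
       */
      public function resetBySmsAction(Request $request)
      {
          $mobile = $request->request->get('mobile');
          $smsToken = $request->request->get('sms_token');
          $smsCode = $request->request->get('sms_code');

          $hasAllFields = !empty($mobile) && !empty($smsToken) && !empty($smsCode);
          // Array-valued parameters are rejected with the same error as missing ones.
          if (!$hasAllFields || !is_string($mobile) || !is_string($smsToken) || !is_string($smsCode)) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.reset_by_sms.message.reset_error']]);
          }

          $result = $this->getBizSms()->check(BizSms::SMS_FORGET_PASSWORD, $mobile, $smsToken, $smsCode);
          // NOTE(review): this is a deny-list. Only the two statuses below stop
          // the flow, so any other value check() may return is treated as a
          // successful verification. Prefer comparing against the success status
          // and failing closed. Also confirm check() limits attempts per token.
          if (BizSms::STATUS_INVALID === $result) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.reset_by_sms.message.sms_code_error']]);
          }
          if (BizSms::STATUS_EXPIRED === $result) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.reset_by_sms.message.sms_code_expired']]);
          }

          // A logged-in user may only reset via their own verified mobile.
          $currentUser = $this->getCurrentUser();
          if ($currentUser->isLogin() && $currentUser['verifiedMobile'] !== $mobile) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.reset_by_sms.message.mobile_not_match']]);
          }

          $targetUser = $this->getUserService()->getUserByVerifiedMobile($mobile);
          if (empty($targetUser)) {
              return $this->createJsonResponse(['error' => ['message' => 'password_reset.reset_by_sms.message.user_empty']]);
          }

          $token = $this->getUserService()->makeToken('password-reset', $targetUser['id'], strtotime('+1 day'));

          return $this->createJsonResponse([
              'goto' => $this->generateUrl('password_reset_update', ['token' => $token]),
          ]);
      }

      /**
       * Guesses the webmail URL for an e-mail address from its domain part.
       *
       * `hotmail.com` maps to `http://www.hotmail.com`, `gmail.com` to
       * `http://mail.google.com`, and anything else to `http://mail.<domain>`.
       * Returns an empty string when no usable domain can be extracted.
       *
       * The address may come straight from the query string (see
       * emailSentAction), so the domain is restricted to hostname characters
       * before it is placed in a URL. The domain itself is still chosen by the
       * caller; templates should treat the result as an untrusted link.
       *
       * @param string $email
       *
       * @return string
       */
      public function getEmailLoginUrl($email)
      {
          // Without this guard a value lacking "@" made strpos() return false,
          // and `false + 1` turned into substr($email, 1).
          $atPosition = is_string($email) ? strrpos($email, '@') : false;
          if (false === $atPosition) {
              return '';
          }

          // Host names are case-insensitive; normalise before comparing.
          $host = strtolower(substr($email, $atPosition + 1));
          if (1 !== preg_match('/^[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?$/', $host)) {
              return '';
          }

          if ('hotmail.com' === $host) {
              return 'http://www.'.$host;
          }
          if ('gmail.com' === $host) {
              return 'http://mail.google.com';
          }

          return 'http://mail.'.$host;
      }

      /**
       * Returns the service registered as `User:AuthService`.
       */
      protected function getAuthService()
      {
          return $this->createService('User:AuthService');
      }

      /**
       * Returns the service registered as `User:TokenService`.
       */
      protected function getTokenService()
      {
          return $this->createService('User:TokenService');
      }

      /**
       * @return SettingService
       */
      protected function getSettingService()
      {
          return $this->createService('System:SettingService');
      }

      /**
       * @return BizSms
       */
      protected function getBizSms()
      {
          return $this->getBiz()['biz_sms'];
      }
  }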