app/Customize/Controller/ForgotController.php line 81

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of EC-CUBE
  5.  *
  6.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  7.  *
  8.  * http://www.ec-cube.co.jp/
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Customize\Controller;
  16. use Eccube\Event\EccubeEvents;
  17. use Eccube\Event\EventArgs;
  18. use Eccube\Form\Type\Front\ForgotType;
  19. use Eccube\Form\Type\Front\PasswordResetType;
  20. use Eccube\Repository\CustomerRepository;
  21. use Eccube\Service\MailService;
  22. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  23. use Symfony\Component\HttpFoundation\Request;
  24. use Symfony\Component\HttpKernel\Exception as HttpException;
  25. use Symfony\Component\Routing\Annotation\Route;
  26. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  27. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  28. use Symfony\Component\Validator\Constraints as Assert;
  29. use Symfony\Component\Validator\Validator\ValidatorInterface;
  30. //require 'vendor/autoload.php';
  31. use GuzzleHttp\Client;
  33. class ForgotController extends AbstractController
  34. {
  35.     /**
  36.      * @var ValidatorInterface
  37.      */
  38.     protected $validator;
  40.     /**
  41.      * @var MailService
  42.      */
  43.     protected $mailService;
  45.     /**
  46.      * @var CustomerRepository
  47.      */
  48.     protected $customerRepository;
  50.     /**
  51.      * @var EncoderFactoryInterface
  52.      */
  53.     protected $encoderFactory;
  55.     /**
  56.      * ForgotController constructor.
  57.      *
  58.      * @param ValidatorInterface $validator
  59.      * @param MailService $mailService
  60.      * @param CustomerRepository $customerRepository
  61.      * @param EncoderFactoryInterface $encoderFactory
  62.      */
  63.     public function __construct(
  64.         ValidatorInterface $validator,
  65.         MailService $mailService,
  66.         CustomerRepository $customerRepository,
  67.         EncoderFactoryInterface $encoderFactory
  68.     ) {
  69.         $this->validator $validator;
  70.         $this->mailService $mailService;
  71.         $this->customerRepository $customerRepository;
  72.         $this->encoderFactory $encoderFactory;
  73.     }
  75.     /**
  76.      * パスワードリマインダ.
  77.      *
  78.      * @Route("/forgot", name="forgot")
  79.      * @Template("Forgot/index.twig")
  80.      */
  81.     public function index(Request $request)
  82.     {
  83.         if ($this->isGranted('ROLE_USER')) {
  84.             throw new HttpException\NotFoundHttpException();
  85.         }
  87.         $builder $this->formFactory
  88.             ->createNamedBuilder(''ForgotType::class);
  90.         $event = new EventArgs(
  91.             [
  92.                 'builder' => $builder,
  93.             ],
  94.             $request
  95.         );
  96.         $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE);
  98.         $form $builder->getForm();
  99.         $form->handleRequest($request);
  101.         if ($form->isSubmitted() && $form->isValid()) {
  102.             $Customer $this->customerRepository
  103.                 ->getRegularCustomerByEmail($form->get('login_email')->getData());
  105.             if (!is_null($Customer)) {
  106.                 // リセットキーの発行・有効期限の設定
  107.                 $Customer
  108.                     ->setResetKey($this->customerRepository->getUniqueResetKey())
  109.                     ->setResetExpire(new \DateTime('+'.$this->eccubeConfig['eccube_customer_reset_expire'].' min'));
  111.                 // リセットキーを更新
  112.                 $this->entityManager->persist($Customer);
  113.                 $this->entityManager->flush();
  115.                 $event = new EventArgs(
  116.                     [
  117.                         'form' => $form,
  118.                         'Customer' => $Customer,
  119.                     ],
  120.                     $request
  121.                 );
  122.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_INDEX_COMPLETE);
  124.                 // 完了URLの生成
  125.                 $reset_url $this->generateUrl('forgot_reset', ['reset_key' => $Customer->getResetKey()], UrlGeneratorInterface::ABSOLUTE_URL);
  127.                 // メール送信
  128.                 $this->mailService->sendPasswordResetNotificationMail($Customer$reset_url);
  130.                 // ログ出力
  131.                 log_info('send reset password mail to:'."{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}");
  132.             } else {
  133.                 log_warning(
  134.                     'Un active customer try send reset password email: ',
  135.                     ['Enter email' => $form->get('login_email')->getData()]
  136.                 );
  137.             }
  139.             return $this->redirectToRoute('forgot_complete');
  140.         }
  142.         return [
  143.             'form' => $form->createView(),
  144.         ];
  145.     }
  147.     /**
  148.      * 再設定URL送信完了画面.
  149.      *
  150.      * @Route("/forgot/complete", name="forgot_complete")
  151.      * @Template("Forgot/complete.twig")
  152.      */
  153.     public function complete(Request $request)
  154.     {
  155.         if ($this->isGranted('ROLE_USER')) {
  156.             throw new HttpException\NotFoundHttpException();
  157.         }
  159.         return [];
  160.     }
  162.     /**
  163.      * パスワード再発行実行画面.
  164.      *
  165.      * @Route("/forgot/reset/{reset_key}", name="forgot_reset")
  166.      * @Template("Forgot/reset.twig")
  167.      */
  168.     public function reset(Request $request$reset_key)
  169.     {
  170.         if ($this->isGranted('ROLE_USER')) {
  171.             throw new HttpException\NotFoundHttpException();
  172.         }
  174.         $errors $this->validator->validate(
  175.             $reset_key,
  176.             [
  177.                 new Assert\NotBlank(),
  178.                 new Assert\Regex(
  179.                     [
  180.                         'pattern' => '/^[a-zA-Z0-9]+$/',
  181.                     ]
  182.                 ),
  183.             ]
  184.         );
  186.         if (count($errors) > 0) {
  187.             // リセットキーに異常がある場合
  188.             throw new HttpException\NotFoundHttpException();
  189.         }
  191.         $Customer $this->customerRepository
  192.             ->getRegularCustomerByResetKey($reset_key);
  194.         if (null === $Customer) {
  195.             // リセットキーから会員データが取得できない場合
  196.             throw new HttpException\NotFoundHttpException();
  197.         }
  199.         $builder $this->formFactory
  200.             ->createNamedBuilder(''PasswordResetType::class);
  202.         $form $builder->getForm();
  203.         $form->handleRequest($request);
  204.         $error null;
  206.         if ($form->isSubmitted() && $form->isValid()) {
  207.             // リセットキー・入力メールアドレスで会員情報検索
  208.             $Customer $this->customerRepository
  209.                 ->getRegularCustomerByResetKey($reset_key$form->get('login_email')->getData());
  210.             if ($Customer) {
  211.                 // パスワードの発行・更新
  212.                 $encoder $this->encoderFactory->getEncoder($Customer);
  213.                 $pass $form->get('password')->getData();
  214.                 $Customer->setPassword($pass);
  216.                 // 発行したパスワードの暗号化
  217.                 if ($Customer->getSalt() === null) {
  218.                     $Customer->setSalt($this->encoderFactory->getEncoder($Customer)->createSalt());
  219.                 }
  220.                 $encPass $encoder->encodePassword($pass$Customer->getSalt());
  222.                 // パスワードを更新
  223.                 $Customer->setPassword($encPass);
  224.                 // リセットキーをクリア
  225.                 $Customer->setResetKey(null);
  227.                 // パスワードを更新
  228.                 $this->entityManager->persist($Customer);
  229.                 $this->entityManager->flush();
  232.                 // パスワードリセット時に会員統合に更新を行う
  233.                 // 統合DB会員編集
  234.                 $em $this->entityManager;
  235.                 $em->getConnection()->beginTransaction();
  236.                 $conn $em->getConnection();
  237.     
  238.                 $stmt $conn->prepare('SELECT * FROM dtb_customer WHERE id = :id;');
  239.                 $result $stmt->execute([':id' => $Customer->getId()]);
  240.                 $row $result->fetch();
  241.                 $conn->commit();
  243.                 $client = new Client();
  244.                 $aes_key getenv('API_AES_KEY');
  245.                 $user_id openssl_encrypt($Customer->getId(),'aes-256-ecb',$aes_key);
  246.                 if($row['egicom_id']){
  247.                     $user_code openssl_encrypt($row['egicom_id'],'aes-256-ecb',$aes_key);
  248.                 }else{
  249.                     $user_code "";
  250.                 }
  251.                 $mail_address openssl_encrypt($row['email'],'aes-256-ecb',$aes_key);
  252.                 $password $row['password'];
  253.                 $salt $row['salt'];
  254.                 $name '';
  255.                 $options = [
  256.                     'headers' => [
  257.                         'Content-Type' => 'application/x-www-form-urlencoded'],
  258.                     'form_params' => [
  259.                         "site_id" => 1,
  260.                         "user_id" => $user_id,
  261.                         "user_code" => $user_code,
  262.                         "mail_address" => $mail_address,
  263.                         "password" => $password,
  264.                         "salt" => $salt,
  265.                         "name" => $name
  266.                         ]
  267.                     ];
  268.                 $url getenv('API_KV_UPDATE');
  269.                 $response $client->request('POST'$url$options);
  270.     
  271.                 $res json_decode($response->getBody());
  272.                 if(!$res->status){
  273.                     log_info('統合DB会員編集エラー');
  274.                 }
  276.     
  279.                 $event = new EventArgs(
  280.                     [
  281.                         'Customer' => $Customer,
  282.                     ],
  283.                     $request
  284.                 );
  285.                 $this->eventDispatcher->dispatch($eventEccubeEvents::FRONT_FORGOT_RESET_COMPLETE);
  287.                 // 完了メッセージを設定
  288.                 $this->addFlash('password_reset_complete'trans('front.forgot.reset_complete'));
  290.                 // ログインページへリダイレクト
  291.                 return $this->redirectToRoute('mypage_login');
  292.             } else {
  293.                 // リセットキー・メールアドレスから会員データが取得できない場合
  294.                 $error trans('front.forgot.reset_not_found');
  295.             }
  296.         }
  298.         return [
  299.             'error' => $error,
  300.             'form' => $form->createView(),
  301.         ];
  302.     }
  303. }