app/Customize/Controller/ForgotController.php line 98

  1. <?php
  2. /*
  3.  * This file is part of EC-CUBE
  4.  *
  5.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  6.  *
  7.  * http://www.ec-cube.co.jp/
  8.  *
  9.  * For the full copyright and license information, please view the LICENSE
  10.  * file that was distributed with this source code.
  11.  */
  12. namespace Customize\Controller;
  13. use Eccube\Event\EccubeEvents;
  14. use Eccube\Event\EventArgs;
  15. use Eccube\Form\Type\Front\ForgotType;
  16. use Eccube\Form\Type\Front\PasswordResetType;
  17. use Eccube\Repository\CustomerRepository;
  18. use Eccube\Service\MailService;
  19. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\HttpKernel\Exception as HttpException;
  22. use Symfony\Component\Routing\Annotation\Route;
  23. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  24. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  25. use Symfony\Component\Validator\Constraints as Assert;
  26. use Symfony\Component\Validator\Validator\ValidatorInterface;
  27. //require 'vendor/autoload.php';
  28. use GuzzleHttp\Client;
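  class ForgotController extends AbstractController
  {
      /**
       * @var ValidatorInterface
       */
      protected $validator;

      /**
       * @var MailService
       */
      protected $mailService;

      /**
       * @var CustomerRepository
       */
      protected $customerRepository;

      /**
       * @var EncoderFactoryInterface
       */
      protected $encoderFactory;

      /**
       * ForgotController constructor.
       *
       * @param ValidatorInterface $validator
       * @param MailService $mailService
       * @param CustomerRepository $customerRepository
       * @param EncoderFactoryInterface $encoderFactory
       */
      public function __construct(
          ValidatorInterface $validator,
          MailService $mailService,
          CustomerRepository $customerRepository,
          EncoderFactoryInterface $encoderFactory
      ) {
          $this->validator = $validator;
          $this->mailService = $mailService;
          $this->customerRepository = $customerRepository;
          $this->encoderFactory = $encoderFactory;
      }

      /**
       * Password reminder: accepts an e-mail address and, when it belongs to a regular
       * customer, issues a reset key with an expiry and mails the reset URL.
       *
       * The response is the same redirect whether or not the address matched, so the
       * page itself does not reveal which addresses are registered.
       *
       * @Route("/forgot", name="forgot")
       * @Template("Forgot/index.twig")
       *
       * @param Request $request
       *
       * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
       *
       * @throws HttpException\NotFoundHttpException when the visitor is already logged in
       */
      public function index(Request $request)
      {
          // Logged-in customers have no use for this flow; answer as if the page did not exist.
          if ($this->isGranted('ROLE_USER')) {
              throw new HttpException\NotFoundHttpException();
          }

          $builder = $this->formFactory
              ->createNamedBuilder('', ForgotType::class);

          $event = new EventArgs(
              [
                  'builder' => $builder,
              ],
              $request
          );
          $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE);

          $form = $builder->getForm();
          $form->handleRequest($request);

          if ($form->isSubmitted() && $form->isValid()) {
              $Customer = $this->customerRepository
                  ->getRegularCustomerByEmail($form->get('login_email')->getData());

              if (!is_null($Customer)) {
                  // Issue the reset key and set its expiry (minutes, from eccube_customer_reset_expire).
                  $Customer
                      ->setResetKey($this->customerRepository->getUniqueResetKey())
                      ->setResetExpire(new \DateTime('+'.$this->eccubeConfig['eccube_customer_reset_expire'].' min'));

                  // Store the reset key.
                  $this->entityManager->persist($Customer);
                  $this->entityManager->flush();

                  $event = new EventArgs(
                      [
                          'form' => $form,
                          'Customer' => $Customer,
                      ],
                      $request
                  );
                  $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_FORGOT_INDEX_COMPLETE);

                  // Build the absolute reset URL that goes into the mail.
                  $reset_url = $this->generateUrl('forgot_reset', ['reset_key' => $Customer->getResetKey()], UrlGeneratorInterface::ABSOLUTE_URL);

                  // Send the mail.
                  $this->mailService->sendPasswordResetNotificationMail($Customer, $reset_url);

                  // NOTE(review): this writes the customer's e-mail address and client IP to the
                  // application log; confirm log access and retention cover that.
                  log_info('send reset password mail to:'."{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}");
              } else {
                  // The submitted address is user-supplied; it is passed as log context, not
                  // concatenated into the message.
                  log_warning(
                      'Un active customer try send reset password email: ',
                      ['Enter email' => $form->get('login_email')->getData()]
                  );
              }

              // Same redirect for known and unknown addresses.
              return $this->redirectToRoute('forgot_complete');
          }

          return [
              'form' => $form->createView(),
          ];
      }

      /**
       * Confirmation screen shown after the reset URL request was accepted.
       *
       * @Route("/forgot/complete", name="forgot_complete")
       * @Template("Forgot/complete.twig")
       *
       * @param Request $request
       *
       * @return array
       *
       * @throws HttpException\NotFoundHttpException when the visitor is already logged in
       */
      public function complete(Request $request)
      {
          if ($this->isGranted('ROLE_USER')) {
              throw new HttpException\NotFoundHttpException();
          }

          return [];
      }

      /**
       * Password reset screen reached through the mailed URL.
       *
       * The reset key from the URL must be non-blank and alphanumeric and must resolve to a
       * customer; on submit the customer is looked up again by reset key together with the
       * entered e-mail address before the password is changed. The reset key is cleared in
       * the same flush, after which the customer is pushed to the integrated member DB.
       *
       * @Route("/forgot/reset/{reset_key}", name="forgot_reset")
       * @Template("Forgot/reset.twig")
       *
       * @param Request $request
       * @param string $reset_key reset key taken from the URL
       *
       * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
       *
       * @throws HttpException\NotFoundHttpException when logged in, or the key is malformed or unknown
       */
      public function reset(Request $request, $reset_key)
      {
          if ($this->isGranted('ROLE_USER')) {
              throw new HttpException\NotFoundHttpException();
          }

          $errors = $this->validator->validate(
              $reset_key,
              [
                  new Assert\NotBlank(),
                  new Assert\Regex(
                      [
                          'pattern' => '/^[a-zA-Z0-9]+$/',
                      ]
                  ),
              ]
          );

          if (count($errors) > 0) {
              // Malformed reset key.
              throw new HttpException\NotFoundHttpException();
          }

          $Customer = $this->customerRepository
              ->getRegularCustomerByResetKey($reset_key);

          if (null === $Customer) {
              // No customer for this reset key.
              throw new HttpException\NotFoundHttpException();
          }

          $builder = $this->formFactory
              ->createNamedBuilder('', PasswordResetType::class);

          $form = $builder->getForm();
          $form->handleRequest($request);
          $error = null;

          if ($form->isSubmitted() && $form->isValid()) {
              // Look the customer up again by reset key AND the entered e-mail address.
              $Customer = $this->customerRepository
                  ->getRegularCustomerByResetKey($reset_key, $form->get('login_email')->getData());

              if ($Customer) {
                  $encoder = $this->encoderFactory->getEncoder($Customer);
                  $pass = $form->get('password')->getData();
                  // The raw value is replaced by the encoded one below, before anything is flushed.
                  $Customer->setPassword($pass);

                  if ($Customer->getSalt() === null) {
                      $Customer->setSalt($encoder->createSalt());
                  }
                  $encPass = $encoder->encodePassword($pass, $Customer->getSalt());

                  $Customer->setPassword($encPass);
                  // Clear the reset key so the mailed link cannot be used a second time.
                  $Customer->setResetKey(null);

                  $this->entityManager->persist($Customer);
                  $this->entityManager->flush();

                  // Propagate the new credentials to the integrated member DB (best effort).
                  $this->syncCustomerToIntegratedDb($Customer);

                  $event = new EventArgs(
                      [
                          'Customer' => $Customer,
                      ],
                      $request
                  );
                  $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_FORGOT_RESET_COMPLETE);

                  // Set the completion message.
                  $this->addFlash('password_reset_complete', trans('front.forgot.reset_complete'));

                  // Redirect to the login page.
                  return $this->redirectToRoute('mypage_login');
              } else {
                  // Reset key and e-mail address do not belong to the same customer.
                  $error = trans('front.forgot.reset_not_found');
              }
          }

          return [
              'error' => $error,
              'form' => $form->createView(),
          ];
      }

      /**
       * Send the customer's current credentials to the integrated member DB API.
       *
       * Runs after the local password has already been flushed, so a missing setting, a
       * transport or HTTP failure, or an unreadable response is logged and not rethrown;
       * otherwise the customer would see an error page for a reset that did succeed.
       *
       * @param object $Customer customer entity whose password was just reset
       *
       * @return void
       */
      private function syncCustomerToIntegratedDb($Customer)
      {
          $aes_key = getenv('API_AES_KEY');
          $url = getenv('API_KV_UPDATE');

          // getenv() returns false for an unset variable; openssl_encrypt() would then run
          // with an empty key, which protects nothing. Skip the sync instead.
          if (!is_string($aes_key) || $aes_key === '' || !is_string($url) || $url === '') {
              log_error(
                  '統合DB会員編集エラー',
                  ['reason' => 'API_AES_KEY or API_KV_UPDATE is not set', 'customer_id' => $Customer->getId()]
              );

              return;
          }

          // Re-read the stored row; egicom_id is taken from the table rather than the entity.
          $em = $this->entityManager;
          $em->getConnection()->beginTransaction();
          $conn = $em->getConnection();

          $stmt = $conn->prepare('SELECT * FROM dtb_customer WHERE id = :id;');
          $result = $stmt->execute([':id' => $Customer->getId()]);
          $row = $result->fetch();
          $conn->commit();

          // NOTE(review): aes-256-ecb is deterministic and unauthenticated: the same id or
          // e-mail address always yields the same ciphertext, and the receiver cannot detect
          // tampering. Changing the mode needs a coordinated change in the receiving API, so
          // it is flagged here rather than replaced.
          $user_id = openssl_encrypt((string) $Customer->getId(), 'aes-256-ecb', $aes_key);
          $user_code = $row['egicom_id']
              ? openssl_encrypt($row['egicom_id'], 'aes-256-ecb', $aes_key)
              : '';
          $mail_address = openssl_encrypt($row['email'], 'aes-256-ecb', $aes_key);

          // NOTE(review): the stored password hash and salt leave this system as-is; confirm
          // API_KV_UPDATE is an https:// endpoint and that the receiver really needs both.
          $options = [
              'headers' => [
                  'Content-Type' => 'application/x-www-form-urlencoded',
              ],
              'form_params' => [
                  'site_id' => 1,
                  'user_id' => $user_id,
                  'user_code' => $user_code,
                  'mail_address' => $mail_address,
                  'password' => $row['password'],
                  'salt' => $row['salt'],
                  'name' => '',
              ],
          ];

          // NOTE(review): no timeout option is set, so this request can hold the password
          // reset response open for as long as the remote API does.
          try {
              $response = (new Client())->request('POST', $url, $options);
          } catch (\GuzzleHttp\Exception\GuzzleException $e) {
              log_error(
                  '統合DB会員編集エラー',
                  ['customer_id' => $Customer->getId(), 'message' => $e->getMessage()]
              );

              return;
          }

          // A body that is not a JSON object decodes to null or a scalar; treat it as a failure.
          $res = json_decode((string) $response->getBody());
          if (!is_object($res) || empty($res->status)) {
              log_info('統合DB会員編集エラー');
          }
      }
  }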