removed encoder, set hasher
This commit is contained in:
parent
a5e665cbe4
commit
613605ef92
|
@ -12,8 +12,9 @@ use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\Mailer\MailerInterface;
|
use Symfony\Component\Mailer\MailerInterface;
|
||||||
use Symfony\Component\Mime\Address;
|
use Symfony\Component\Mime\Address;
|
||||||
|
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
|
||||||
use Symfony\Component\Routing\Annotation\Route;
|
use Symfony\Component\Routing\Annotation\Route;
|
||||||
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
|
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
|
||||||
use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
|
use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
|
||||||
use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
|
use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
|
||||||
use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
|
use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
|
||||||
|
@ -76,7 +77,7 @@ class ResetPasswordController extends AbstractController
|
||||||
* Validates and process the reset URL that the user clicked in their email.
|
* Validates and process the reset URL that the user clicked in their email.
|
||||||
*/
|
*/
|
||||||
#[Route('/reset/{token}', name: 'app_reset_password')]
|
#[Route('/reset/{token}', name: 'app_reset_password')]
|
||||||
public function reset(Request $request, UserPasswordEncoderInterface $passwordEncoder, string $token = null): Response
|
public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, string $token = null): Response
|
||||||
{
|
{
|
||||||
if ($token) {
|
if ($token) {
|
||||||
// We store the token in session and remove it from the URL, to avoid the URL being
|
// We store the token in session and remove it from the URL, to avoid the URL being
|
||||||
|
@ -110,13 +111,16 @@ class ResetPasswordController extends AbstractController
|
||||||
// A password reset token should be used only once, remove it.
|
// A password reset token should be used only once, remove it.
|
||||||
$this->resetPasswordHelper->removeResetRequest($token);
|
$this->resetPasswordHelper->removeResetRequest($token);
|
||||||
|
|
||||||
// Encode the plain password, and set it.
|
// Hash the plain password, and set it.
|
||||||
$encodedPassword = $passwordEncoder->encodePassword(
|
/*
|
||||||
|
** @var PasswordAuthenticatedUserInterface $user
|
||||||
|
*/
|
||||||
|
$hashedPassword = $passwordHasher->hashPassword(
|
||||||
$user,
|
$user,
|
||||||
$form->get('plainPassword')->getData()
|
$form->get('plainPassword')->getData()
|
||||||
);
|
);
|
||||||
|
|
||||||
$user->setPassword($encodedPassword);
|
$user->setPassword($hashedPassword);
|
||||||
$this->getDoctrine()->getManager()->flush();
|
$this->getDoctrine()->getManager()->flush();
|
||||||
|
|
||||||
// The session is cleaned up after the password has been changed.
|
// The session is cleaned up after the password has been changed.
|
||||||
|
@ -163,8 +167,7 @@ class ResetPasswordController extends AbstractController
|
||||||
->htmlTemplate('security/email.html.twig')
|
->htmlTemplate('security/email.html.twig')
|
||||||
->context([
|
->context([
|
||||||
'resetToken' => $resetToken,
|
'resetToken' => $resetToken,
|
||||||
])
|
]);
|
||||||
;
|
|
||||||
|
|
||||||
$mailer->send($email);
|
$mailer->send($email);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue