<?php

namespace Drupal\user\Form;

use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\Component\Utility\Crypt;
use Drupal\Core\Form\FormBase;
use Psr\Log\LoggerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;

/**
 * Form controller for the user password forms.
 */
class UserPasswordResetForm extends FormBase {

  /**
   * Logger used to record that a one-time login link was used.
   *
   * @var \Psr\Log\LoggerInterface
   */
  protected $logger;

  /**
   * Constructs a new UserPasswordResetForm.
   *
   * @param \Psr\Log\LoggerInterface $logger
   *   The logger that submitForm() writes the one-time login notice to.
   */
  public function __construct(LoggerInterface $logger) {
    $this->logger = $logger;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    // Resolve the 'user' channel from the logger factory service.
    $logger_factory = $container->get('logger.factory');
    return new static($logger_factory->get('user'));
  }

  /**
   * {@inheritdoc}
   */
  public function getFormId() {
    return 'user_pass_reset';
  }

  /**
   * {@inheritdoc}
   *
   * Builds the confirmation step shown for a one-time login link: a message,
   * a help line and a single "Log in" button. The account and the timestamp
   * are attached as '#type' => 'value' elements so submitForm() can read
   * them back from the form state.
   *
   * NOTE(review): this method does not inspect $hash (it is accepted but
   * unused) and does not check $timestamp or the account status. The link is
   * presumably validated by the caller before this form is built; confirm
   * that the same validation also runs on the POST request that submits it.
   *
   * @param array $form
   *   An associative array containing the structure of the form.
   * @param \Drupal\Core\Form\FormStateInterface $form_state
   *   The current state of the form.
   * @param \Drupal\Core\Session\AccountInterface $user
   *   User requesting reset. Defaults to NULL but is dereferenced
   *   unconditionally, so callers must always pass an account.
   * @param string $expiration_date
   *   Formatted expiration date for the login link, or NULL if the link does
   *   not expire.
   * @param int $timestamp
   *   The current timestamp.
   * @param string $hash
   *   Login link hash. Not used by this method.
   */
  public function buildForm(array $form, FormStateInterface $form_state, AccountInterface $user = NULL, $expiration_date = NULL, $timestamp = NULL, $hash = NULL) {
    // The account name is user-controlled data; it is only ever passed as a
    // %-placeholder argument to t(), never concatenated into the markup.
    // NOTE(review): this relies on t() escaping %-placeholders; confirm for
    // the core version in use.
    $account_name = $user->getUsername();

    if (!$expiration_date) {
      // No expiration for first time login.
      $message = $this->t('<p>This is a one-time login for %user_name.</p><p>Click on this button to log in to the site and change your password.</p>', ['%user_name' => $account_name]);
      $title = $this->t('Set password');
    }
    else {
      $message = $this->t('<p>This is a one-time login for %user_name and will expire on %expiration_date.</p><p>Click on this button to log in to the site and change your password.</p>', ['%user_name' => $account_name, '%expiration_date' => $expiration_date]);
      $title = $this->t('Reset password');
    }
    $form['message'] = ['#markup' => $message];
    $form['#title'] = $title;

    // Carried as 'value' elements: submitForm() reads both back via
    // $form_state->getValue().
    $form['user'] = [
      '#type' => 'value',
      '#value' => $user,
    ];
    $form['timestamp'] = [
      '#type' => 'value',
      '#value' => $timestamp,
    ];

    $single_use_notice = $this->t('This login can be used only once.');
    $form['help'] = ['#markup' => '<p>' . $single_use_notice . '</p>'];

    $form['actions'] = [
      '#type' => 'actions',
      'submit' => [
        '#type' => 'submit',
        '#value' => $this->t('Log in'),
      ],
    ];

    return $form;
  }

  /**
   * {@inheritdoc}
   *
   * Logs in the account stored in the form, records the event, and redirects
   * to the account edit form with a freshly generated password-reset token.
   *
   * This handler performs no checks of its own: it trusts the 'user' value
   * held in the form state. NOTE(review): whatever validates the one-time
   * link (hash, expiry, account status) must therefore run before this
   * handler on every submission; verify against the caller.
   */
  public function submitForm(array &$form, FormStateInterface $form_state) {
    /** @var \Drupal\user\UserInterface $account */
    $account = $form_state->getValue('user');
    user_login_finalize($account);

    // Audit trail for one-time link usage.
    $log_context = [
      '%name' => $account->getUsername(),
      '%timestamp' => $form_state->getValue('timestamp'),
    ];
    $this->logger->notice('User %name used one-time login link at time %timestamp.', $log_context);

    drupal_set_message($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.'));

    // Let the user's password be changed without the current password check.
    // The token is written to the session only after the login call above,
    // and the same value is sent in the redirect URL.
    // NOTE(review): because the token travels in the query string it can end
    // up in access logs, browser history and Referer headers; it is
    // presumably only honoured when it matches the session copy. Confirm in
    // the account edit form.
    $token = Crypt::randomBytesBase64(55);
    $uid = $account->id();
    $_SESSION['pass_reset_' . $uid] = $token;

    $route_parameters = ['user' => $uid];
    $route_options = [
      'query' => ['pass-reset-token' => $token],
      'absolute' => TRUE,
    ];
    $form_state->setRedirect('entity.user.edit_form', $route_parameters, $route_options);
  }

}