Skip to content

Commit

Permalink
FIX Don't break the page if password recover email fails to send
Browse files Browse the repository at this point in the history
  • Loading branch information
@GuySartorelli
GuySartorelli committed Dec 14, 2023
1 parent 446810b commit dd3a0db
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 14 deletions.
1 change: 1 addition & 0 deletions lang/en.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,7 @@ en:
CURRENT_PASSWORD: 'Current Password'
EDIT_PASSWORD: 'New Password'
EMAIL: Email
EMAIL_FAILED: 'There was an error when trying to email you a password reset link.'
EMPTYNEWPASSWORD: "The new password can't be empty, please try again"
ENTEREMAIL: 'Please enter an email address to get a password reset link.'
ERRORLOCKEDOUT2: 'Your account has been temporarily disabled because of too many failed attempts at logging in. Please try again in {count} minutes.'
Expand Down
51 changes: 37 additions & 14 deletions src/Security/MemberAuthenticator/LostPasswordHandler.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,19 @@

namespace SilverStripe\Security\MemberAuthenticator;

use Psr\Log\LoggerInterface;
use SilverStripe\Control\Controller;
use SilverStripe\Control\Email\Email;
use SilverStripe\Control\HTTPResponse;
use SilverStripe\Control\RequestHandler;
use SilverStripe\Core\Convert;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\Forms\Form;
use SilverStripe\ORM\FieldType\DBField;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
use Symfony\Component\Mime\Exception\RfcComplianceException;

/**
* Handle login requests from MemberLoginForm
Expand Down Expand Up @@ -173,7 +177,18 @@ public function forgotPassword(array $data, Form $form): HTTPResponse
if ($member) {
$token = $member->generateAutologinTokenAndStoreHash();

$this->sendEmail($member, $token);
$success = $this->sendEmail($member, $token);
if (!$success) {
$form->sessionMessage(
_t(
Member::class . '.EMAIL_FAILED',
'There was an error when trying to email you a password reset link.'
),
'bad'
);

return $this->redirectToLostPassword();
}
}

return $this->redirectToSuccess($data);
Expand Down Expand Up @@ -225,20 +240,28 @@ protected function getMemberFromData(array $data)
*/
protected function sendEmail($member, $token)
{
/** @var Email $email */
$email = Email::create()
->setHTMLTemplate('SilverStripe\\Control\\Email\\ForgotPasswordEmail')
->setData($member)
->setSubject(_t(
'SilverStripe\\Security\\Member.SUBJECTPASSWORDRESET',
"Your password reset link",
'Email subject'
))
->addData('PasswordResetLink', Security::getPasswordResetLink($member, $token))
->setTo($member->Email);
try {
/** @var Email $email */
$email = Email::create()
->setHTMLTemplate('SilverStripe\\Control\\Email\\ForgotPasswordEmail')
->setData($member)
->setSubject(_t(
'SilverStripe\\Security\\Member.SUBJECTPASSWORDRESET',
"Your password reset link",
'Email subject'
))
->addData('PasswordResetLink', Security::getPasswordResetLink($member, $token))
->setTo($member->Email);

$member->extend('updateForgotPasswordEmail', $email);
return $email->send();
$member->extend('updateForgotPasswordEmail', $email);
$email->send();
return true;
} catch (TransportExceptionInterface | RfcComplianceException $e) {
/** @var LoggerInterface $logger */
$logger = Injector::inst()->get(LoggerInterface::class . '.errorhandler');
$logger->error('Error sending email in ' . __FILE__ . ' line ' . __LINE__ . ": {$e->getMessage()}");
return false;
}
}

/**
Expand Down

0 comments on commit dd3a0db

Please sign in to comment.