mouf / security.forgot-your-password
A 'forgot your password' feature for Mouf security.
Installs: 13 870
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 9
Forks: 3
Open Issues: 1
Type:mouf-library
Requires
- php: >=7.0
- mouf/mvc.splash-common: ^8.0
- mouf/security.forgot-your-password-interface: ~1.0
- mouf/utils.i18n.fine.common: ~4.0
- mouf/utils.i18n.fine.file-translator: ~4.0
- mouf/utils.i18n.fine.language-detection: ~4.0
- mouf/utils.mailer.swift-mail-service: ~1.0
- ramsey/uuid: ^3.4
- thecodingmachine/swift-twig-mail-template: ~5.0
Requires (Dev)
- phpunit/phpunit: ^5.4.6
- satooshi/php-coveralls: ~1.0
This package is auto-updated.
Last update: 2024-10-15 05:23:21 UTC
README
Forgot your password feature for Mouf
This package contains the controllers and services necessary to implement a "forgot your password" feature in Mouf.
Installation
composer require mouf/security.forgot-your-password
Usage
Install the package using the Mouf installer.
This package provides:
- A controller (
ForgotYourPasswordController): this controller provides the defaultforgot/passwordroute that leads to the "I forgot my password" form. It also provides theforgot/resetroute that is linked to in the mail. This route allows the user to reset its password. - A service (
ForgotYourPasswordService): this service is in charge of generating the unique token and sending the mail.
This package does not contain a way to access your database to store/retrieve tokens and associated users. For this, you need to provide a package implementing the ForgotYourPasswordDao interface.
For this, you might want to you an existing package already implementing it. If you are using TDBM, we recommend using mouf/security.daos.tdbm.
Customizing
In this package, the views are based on the Bootstrap framework CSS. If your project uses another framework, you'll need to overwrite the views.
Customizing the "forgot your password" page
The main "forgot your password" form is rendered using the Mouf\Security\Password\ForgotYourPasswordView.
The Twig template is available in vendor/mouf/security.forgot-your-password/src/templates/Mouf/Security/Password/ForgotYourPasswordView.twig.
To overwrite, copy this file to src/templates/Mouf/Security/Password/ForgotYourPasswordView.twig and purge your cache.
Customizing the "email sent" page
Once the "forgot your password" page is filled, the user arrives on the "email sent" page.
The page is rendered using the Mouf\Security\Password\EmailSentView.
The Twig template is available in vendor/mouf/security.forgot-your-password/src/templates/Mouf/Security/Password/EmailSentView.twig.
To overwrite, copy this file to src/templates/Mouf/Security/Password/EmailSentView.twig and purge your cache.
Customizing the email
The email originates from a SwiftTwigMailTemplate.
If you want to customize this email, you can either:
- change the Twig template completely (by editing the |forgotYourPasswordMailTemplate
instance in the container and modifying thetwigPath` property to your own file) - or you can simply overwrite the i18n strings by providing your own keys for the subject and the body:
forgotyourpassword.mail.subjectis the subjectforgotyourpassword.mail.bodyis the body of the text
Customizing the "token not found" page
In case the user clicks on a URL link with a token that has already been used (or that is invalid), the "token not found" page is displayed.
The page is rendered using the Mouf\Security\Password\TokenNotFoundView.
The Twig template is available in vendor/mouf/security.forgot-your-password/src/templates/Mouf/Security/Password/TokenNotFoundView.twig.
To overwrite, copy this file to src/templates/Mouf/Security/Password/TokenNotFoundView.twig and purge your cache.
Customizing the "reset password" page
When the user clicks on the link in the mail, he is redirected to the "reset password" page.
The page is rendered using the Mouf\Security\Password\ResetPasswordView.
The Twig template is available in vendor/mouf/security.forgot-your-password/src/templates/Mouf/Security/Password/ResetPasswordView.twig.
To overwrite, copy this file to src/templates/Mouf/Security/Password/ResetPasswordView.twig and purge your cache.
Customizing the "password reseted" page
This is the last page of the workflow, confirming the password was reset successfully.
The page is rendered using the Mouf\Security\Password\ConfirmResetPasswordView.
The Twig template is available in vendor/mouf/security.forgot-your-password/src/templates/Mouf/Security/Password/ConfirmResetPasswordView.twig.
To overwrite, copy this file to src/templates/Mouf/Security/Password/ConfirmResetPasswordView.twig and purge your cache.
Customizing password check strength
By default when you reset your password, you will be asked a password that is:
- at least 7 characters long
- that contains at least one upper case letter
- that contains at least one lower case letter
- that contains at least one number
This can be completely configured in the Mouf\Security\Password\PasswordStrengthCheck instance.
Also, if you have very specific needs regarding password strength (for instance: at least 2 special characters, only japanese characters allowed, etc...), then you can simply provide your own service as long as it implements Mouf\Security\Password\Api\PasswordStrengthCheck.