FIX Don't break the page if password recover email fails to send

This commit is contained in:
Guy Sartorelli 2023-12-14 12:47:29 +13:00
parent 446810bc5e
commit dd3a0dba24
No known key found for this signature in database
GPG Key ID: F313E3B9504D496A
2 changed files with 38 additions and 14 deletions

View File

@ -290,6 +290,7 @@ en:
CURRENT_PASSWORD: 'Current Password' CURRENT_PASSWORD: 'Current Password'
EDIT_PASSWORD: 'New Password' EDIT_PASSWORD: 'New Password'
EMAIL: Email EMAIL: Email
EMAIL_FAILED: 'There was an error when trying to email you a password reset link.'
EMPTYNEWPASSWORD: "The new password can't be empty, please try again" EMPTYNEWPASSWORD: "The new password can't be empty, please try again"
ENTEREMAIL: 'Please enter an email address to get a password reset link.' ENTEREMAIL: 'Please enter an email address to get a password reset link.'
ERRORLOCKEDOUT2: 'Your account has been temporarily disabled because of too many failed attempts at logging in. Please try again in {count} minutes.' ERRORLOCKEDOUT2: 'Your account has been temporarily disabled because of too many failed attempts at logging in. Please try again in {count} minutes.'

View File

@ -2,15 +2,19 @@
namespace SilverStripe\Security\MemberAuthenticator; namespace SilverStripe\Security\MemberAuthenticator;
use Psr\Log\LoggerInterface;
use SilverStripe\Control\Controller; use SilverStripe\Control\Controller;
use SilverStripe\Control\Email\Email; use SilverStripe\Control\Email\Email;
use SilverStripe\Control\HTTPResponse; use SilverStripe\Control\HTTPResponse;
use SilverStripe\Control\RequestHandler; use SilverStripe\Control\RequestHandler;
use SilverStripe\Core\Convert; use SilverStripe\Core\Convert;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\Forms\Form; use SilverStripe\Forms\Form;
use SilverStripe\ORM\FieldType\DBField; use SilverStripe\ORM\FieldType\DBField;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
use SilverStripe\Security\Security; use SilverStripe\Security\Security;
use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
use Symfony\Component\Mime\Exception\RfcComplianceException;
/** /**
* Handle login requests from MemberLoginForm * Handle login requests from MemberLoginForm
@ -173,7 +177,18 @@ class LostPasswordHandler extends RequestHandler
if ($member) { if ($member) {
$token = $member->generateAutologinTokenAndStoreHash(); $token = $member->generateAutologinTokenAndStoreHash();
$this->sendEmail($member, $token); $success = $this->sendEmail($member, $token);
if (!$success) {
$form->sessionMessage(
_t(
Member::class . '.EMAIL_FAILED',
'There was an error when trying to email you a password reset link.'
),
'bad'
);
return $this->redirectToLostPassword();
}
} }
return $this->redirectToSuccess($data); return $this->redirectToSuccess($data);
@ -225,6 +240,7 @@ class LostPasswordHandler extends RequestHandler
*/ */
protected function sendEmail($member, $token) protected function sendEmail($member, $token)
{ {
try {
/** @var Email $email */ /** @var Email $email */
$email = Email::create() $email = Email::create()
->setHTMLTemplate('SilverStripe\\Control\\Email\\ForgotPasswordEmail') ->setHTMLTemplate('SilverStripe\\Control\\Email\\ForgotPasswordEmail')
@ -238,7 +254,14 @@ class LostPasswordHandler extends RequestHandler
->setTo($member->Email); ->setTo($member->Email);
$member->extend('updateForgotPasswordEmail', $email); $member->extend('updateForgotPasswordEmail', $email);
return $email->send(); $email->send();
return true;
} catch (TransportExceptionInterface | RfcComplianceException $e) {
/** @var LoggerInterface $logger */
$logger = Injector::inst()->get(LoggerInterface::class . '.errorhandler');
$logger->error('Error sending email in ' . __FILE__ . ' line ' . __LINE__ . ": {$e->getMessage()}");
return false;
}
} }
/** /**