Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

FOS Disable Single Password Request Functionality

Tags:

symfony

fosuserbundle

I am using the FOS user bundle in Symfony and I really dont like the fact that a user can only request their password 1 time in 24 hours. Is there any way to disable this feature to enable the user the ability to request their password multiple times. I mean what happens if their reset email never reaches their inbox and they cannot reset the pw again, whats the best way to handle this.

Thanks.

like image 658
LargeTuna Avatar asked Aug 17 '15 13:08

LargeTuna

3 Answers

In FOSUserBundle configuration exists parameter token_ttl which have default value 86400. This is a number of seconds and It is used to determine the time to live for the token and the time the user must wait before retrying the request.

You can try to set 0 or false, it should work.

fos_user:
  resetting:
    token_ttl: 0
like image 100
Srdjan Avatar answered Nov 19 '22 09:11

Srdjan

I found an issue with the below changes to the config.yml

app/config/config.yml

fos_user:
  resetting:
     token_ttl: 0

This will allow the user to request a new password as many times as they wish (no 24 hour limit) however due to the zero 'time to live' of the token it will automatically reroute you from 

/resetting/reset/{token}

to 

resetting/request

So the user will never be actually given the option to change their password.

This was tested on Symfony 2.6

like image 22
Brendan Avatar answered Nov 19 '22 10:11

Brendan

Long ago, you could just configure this in config.yml

fos_user:
  resetting:
    token_ttl: 0

but in recent versions, since the token_ttl is both the retry time and the lifetime of the token, if you set it to 0, as soon as you create it, it expires.

You can follow the issue in Github

If you need it fixed ASAP, as a hacky workaround, you can implement the resetAction() by copy-pasting vendor/friendsofsymfony/user-bundle/Controller/RegistrationController.php in your AppBundle (or whatever bundle, doesn't really matter) and make the router point to your overriden function, like this (routing.yml):

fos_user_resetting_reset:
    path:     /resetting/reset/{token}
    defaults: {_controller: AcmeUserBundle:Resetting:reset }

Now, in your resetAction() method you can comment out this lines:

//        if (null !== $event->getResponse()) {
//            return $event->getResponse();
//        }

There are less hacky ways, of course, like creating your own listener but... this is how I quickly and dirtily did it, since I was in a hurry and I already had the resetAction overriden.

like image 2
xDaizu Avatar answered Nov 19 '22 09:11

xDaizu

Sign in to Comment

Related questions

SessionHandler::write(): Parent session handler is not open
HWIOAuthBundle - Symfony2 - Get User Data from Facebook
Sending a POST request with PHPUnit
Symfony2 - doctrine:schema:update fails with entity outside of a bundle ( decoupled )
Variable does not exist in symfony2
Symfony2 form validation always returning ERROR: This value should not be blank
Set simple boolean in twig
Symfony FOSUserBundle Translations aren't showing
SQLSTATE[HY000] [1045] Access denied for user 'root'@'127.0.0.1' (using password: NO) SYMFONY2
Undefined index: inverseJoinColumns while trying to define ManyToMany relationship between two entities
Rendering entity type as text field so I can auto-complete it with jquery
creating css using twig
Using a repository outside of a controller in Symfony2
Symfony2 Twig overriding default path function
Can't upload image with mime-type "application/octet-stream" in Symfony2
symfony 2 Fixtures for many to many relationship
How to create a link that download a file in Symfony
Symfony 2 KNP Menu: add CSS class to link
How can I test a function that uses DateTime to get the current time?
How to specify Symfony2 Bootstrap checkbox inline style?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!