src/EventListener/ForgotPasswordEventListener.php line 19

  1. <?php
  3. namespace App\EventListener;
  5. use Symfony\Component\HttpKernel\Event\RequestEvent;
  6. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  7. use Symfony\Bundle\SecurityBundle\Security;
  8. use Symfony\Component\Security\Core\User\UserInterface;
  10. class ForgotPasswordEventListener
  11. {
  12.     private $security;
  14.     public function __construct(Security $security)
  15.     {
  16.         $this->security $security;
  17.     }
  19.     public function onKernelRequest(RequestEvent $event): void
  20.     {
  21.         if (!$event->isMainRequest()
  22.             || !preg_match('/^forgot_password/i'$event->getRequest()->get('_route'))
  23.         ) {
  24.             return;
  25.         }
  27.         // User should not be authenticated on forgot password
  28.         if (null !== $this->security->getToken() && $this->security->getUser() instanceof UserInterface) {
  29.             throw new AccessDeniedHttpException();
  30.         }
  31.     }
  32. }