<?phpnamespace App\EventListener;use Symfony\Component\HttpKernel\HttpKernel;use Symfony\Component\HttpFoundation\Response;use Symfony\Component\Routing\RouterInterface;use Symfony\Component\HttpKernel\Event\RequestEvent;use Symfony\Component\HttpKernel\HttpKernelInterface;use Symfony\Component\HttpFoundation\RedirectResponse;use Symfony\Component\Security\Core\User\UserInterface;use Symfony\Component\HttpKernel\Event\GetResponseEvent;use Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage;/** * Listener that check if the user needs to update its password */class PasswordResetListener{ protected $router; protected $tokenStorage; public function __construct(UsageTrackingTokenStorage $tokenStorage, RouterInterface $router) { $this->router = $router; $this->tokenStorage = $tokenStorage; } public function onKernelRequest(RequestEvent $event) { // Check that the current request is a "MASTER_REQUEST" // Ignore any sub-request if ($event->getRequestType() !== HttpKernel::MASTER_REQUEST) { return; } // Check if the route we try to access is "edit_password_page" if ($event->getRequest()->attributes->get("_route") == "edit_password_page") { return; } // Check token authentication availability if ($this->tokenStorage->getToken()) { $user = $this->tokenStorage->getToken()->getUser(); if($user instanceof UserInterface) { // Check boolean "password_reset" // If true, force the user to change its password if($user->getPasswordReset()) { $event->setResponse(new RedirectResponse($this->router->generate("edit_password_page"))); $event->stopPropagation(); } } } }}