<?php
namespace App\EventSubscriber;
use App\Entity\Consultant;
use App\Entity\User;
use App\Service\Entity\ConsultantService;
use Symfony\Component\Console\Logger\ConsoleLogger;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Security;
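/**
 * Redirects an authenticated consultant to the password change page while
 * ConsultantService reports that the account still has to reset its password.
 *
 * The check runs on every main request, so the redirect applies to every URL
 * except the password change page itself.
 */
class ForceChangePasswordSubscriber implements EventSubscriberInterface
{
    /** @var Security */
    private $security;

    /** @var UrlGeneratorInterface */
    private $urlGenerator;

    /** @var ConsultantService */
    private $consultantService;

    /**
     * @param Security              $security          Used to read the currently authenticated user.
     * @param UrlGeneratorInterface $urlGenerator      Used to build the URL of the 'changepassword' route.
     * @param ConsultantService     $consultantService Decides whether a consultant must reset the password.
     */
    public function __construct(Security $security, UrlGeneratorInterface $urlGenerator, ConsultantService $consultantService)
    {
        $this->security = $security;
        $this->urlGenerator = $urlGenerator;
        $this->consultantService = $consultantService;
    }

    /**
     * Registers forcePasswordChange() on kernel.request with priority 0.
     *
     * NOTE(review): getUser() only returns a user once the security firewall
     * has handled the request; priority 0 presumably runs after it. Confirm
     * before changing the priority, because running earlier would silently
     * disable the enforcement.
     *
     * @return array<string, array<int, array{0: string, 1: int}>>
     */
    public static function getSubscribedEvents(): array
    {
        return [
            KernelEvents::REQUEST => [
                ['forcePasswordChange', 0],
            ],
        ];
    }

    /**
     * Replaces the response with a redirect to the password change page when
     * the current user is a consultant who still has to reset the password.
     *
     * NOTE(review): the redirect is issued for every other URL, so XHR/API
     * calls and the logout route receive it as well. Confirm that is intended.
     *
     * @param RequestEvent $event The kernel.request event being handled.
     */
    public function forcePasswordChange(RequestEvent $event): void
    {
        // Only the main request is checked; sub-requests are rendered as part of it.
        if (!$event->isMainRequest()) {
            return;
        }

        $user = $this->security->getUser();

        // No application user means the request is not authenticated, so there is nothing to enforce.
        if (!$user instanceof User) {
            return;
        }

        // Only consultants flagged by the service are forced through the password change.
        if (!$user instanceof Consultant || !$this->consultantService->consultantNeedToResetPassword($user)) {
            return;
        }

        // The target comes from the router, never from request data, so the
        // redirect cannot be pointed at an attacker-chosen location.
        $redirectTo = $this->urlGenerator->generate('changepassword');

        // Compare the path only. getRequestUri() includes the query string, so
        // "/changepassword?x=1" would not match and the password change page
        // would redirect to itself, discarding a submitted form.
        $request = $event->getRequest();
        $currentPath = $request->getBaseUrl() . $request->getPathInfo();

        if ($currentPath !== $redirectTo) {
            $event->setResponse(new RedirectResponse($redirectTo));
        }
    }
}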