
function bakery_login_handler in Bakery Single Sign-On System 7.3

Special Bakery login callback that authenticates the user and redirects back to the slave site.

1 string reference to 'bakery_login_handler'
bakery_menu in ./bakery.module
Implements hook_menu().

File

./bakery.module, line 552

Code

/**
 * Handles a login request relayed from a Bakery slave site.
 *
 * Validates the sub cookie sent with the request, runs the credentials it
 * carries through the core user_login form, and on success sets the SSO
 * cookie and finalizes the login. Whenever the sub cookie validates, a new sub
 * cookie holding the outcome (errors, name, destination, query) is set and the
 * browser is redirected to <slave>/bakery/login, whether or not the login
 * succeeded.
 *
 * Security notes for maintainers:
 * - Everything read from $cookie (credentials, 'slave', 'destination',
 *   'query') is only as trustworthy as validateSubCookie(); its checks are not
 *   visible in this function.
 * - The final redirect target is built from $cookie['slave'].
 *
 * @return int|null
 *   MENU_ACCESS_DENIED when the sub cookie does not validate. Otherwise the
 *   function ends in drupal_goto() and has no return statement.
 */
function bakery_login_handler() {
  global $user;
  $bakery = bakery_get_bakery();
  // Nothing below runs unless the sub cookie is accepted; a falsy result is
  // treated as an access-denied response.
  $cookie = $bakery
    ->validateSubCookie();
  if (!$cookie) {
    return MENU_ACCESS_DENIED;
  }

  // Make sure there are query defaults. The array union only adds 'query'
  // when the cookie data does not already contain that key.
  $cookie['data'] += array(
    'query' => array(),
  );
  $errors = array();

  // Pull the submitted credentials out of the cookie data.
  // NOTE(review): $pass is not referenced again in this function; the password
  // reaches user_login through $form_state['values'] below. 'name' and 'pass'
  // are read without an isset() check.
  $name = trim($cookie['data']['name']);
  $pass = trim($cookie['data']['pass']);

  // Execute the login form which checks username, password, status and flood.
  // The whole cookie payload becomes the form values, so the form receives the
  // untrimmed name/pass along with any other keys present in the cookie data.
  $form_state = array();
  $form_state['values'] = $cookie['data'];
  drupal_form_submit('user_login', $form_state);
  // Replaces the empty array assigned above with whatever the form reported.
  $errors = form_get_errors();
  if (empty($errors)) {

    // The form raised no errors; load the account by the trimmed name and
    // require that it has a uid.
    $account = user_load_by_name($name);
    if (isset($account->uid)) {

      // Check if the mail is denied.
      if (drupal_is_denied('user', $account->mail)) {
        $errors['name'] = t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', array(
          '%name' => $name,
        ));
      }
      else {

        // Passed all checks, create identification cookie and log in. The
        // cookie fields come from the loaded account, not from the request.
        $params = array(
          'name' => $account->name,
          'mail' => $account->mail,
          'init' => _bakery_init_field($account->uid),
          'uid' => $account->uid,
        );
        $bakery
          ->setSsoCookie($params);
        // Make the loaded account the current global user before finalizing.
        $user = $account;
        $edit = array(
          'name' => $user->name,
        );
        bakery_user_authenticate_finalize($edit);

        // If any implementations of hook_user_login() do a redirect it will
        // break Bakery's registration flow.
        // @todo use bakery_user_external_login ? since it does auth_finalize and also checks username/password & flood
      }
    }
    else {
      // No account with a uid was found for the name; flag it with a generic
      // marker rather than a message.
      $errors['incorrect-credentials'] = 1;
    }
  }
  if (!empty($errors)) {

    // Report failed login. Only the submitted name is logged; the password is
    // not part of the message.
    watchdog('user', 'Login attempt failed for %user.', array(
      '%user' => $name,
    ));

    // Clear the messages on the master's session, since they were set during
    // drupal_form_submit() and will be displayed out of context. The return
    // value is discarded.
    drupal_get_messages();
  }

  // Bake a new cookie for validation on the slave. It carries the error list
  // and the name, never the password.
  $data = array(
    'errors' => $errors,
    'name' => $name,
  );

  // Carry destination through login. The value is copied unmodified.
  // NOTE(review): presumably the slave validates 'destination' before
  // redirecting to it; confirm in the slave-side handler.
  if (isset($cookie['data']['destination'])) {
    $data['destination'] = $cookie['data']['destination'];
  }

  // Carry other query parameters through login.
  $data['query'] = $cookie['data']['query'];
  $bakery
    ->setSubCookie($name, $data, $cookie['slave']);
  // NOTE(review): the redirect URL is built from the cookie's 'slave' value.
  // Confirm that validateSubCookie() only accepts configured slave sites;
  // otherwise this would act as an open redirect.
  drupal_goto($cookie['slave'] . '/bakery/login');
}