MainDeprecatedController.php in Bakery Single Sign-On System 8.2
File
src/Controller/MainDeprecatedController.php
<?php
namespace Drupal\bakery\Controller;
use Drupal\bakery\BakeryService;
use Drupal\bakery\Cookies\OatmealCookie;
use Drupal\bakery\Kitchen;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\Form\FormState;
use Drupal\Core\Routing\TrustedRedirectResponse;
use Drupal\Core\Url;
use Drupal\user\Entity\User;
use Drupal\user\Form\UserLoginForm;
use Drupal\user\UserInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
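/**
 * Master-site endpoints for Bakery's deprecated cookie-based SSO handshake.
 *
 * Both endpoints read the "oatmeal" cookie through Kitchen::taste(), act on
 * the data it carries, bake a reply cookie and redirect the browser back to
 * the subsite named in the cookie's 'slave' entry.
 *
 * Security note: the cookie payload decides which account is created or
 * logged in and where the browser is sent afterwards, so every path here
 * relies on Kitchen::taste() only returning data from an authentic cookie.
 * That validation is not visible in this file - confirm it in Kitchen.
 */
class MainDeprecatedController extends ControllerBase {

  /**
   * Bakery service used to log accounts in.
   *
   * @var \Drupal\bakery\BakeryService
   */
  protected $bakeryService;

  /**
   * Cookie handling service (taste / eat / bake).
   *
   * @var \Drupal\bakery\Kitchen
   */
  protected $kitchen;

  /**
   * Constructs the controller.
   *
   * @param \Drupal\bakery\BakeryService $bakery_service
   *   The Bakery service.
   * @param \Drupal\bakery\Kitchen $kitchen
   *   The Bakery cookie service.
   */
  public function __construct(BakeryService $bakery_service, Kitchen $kitchen) {
    $this->bakeryService = $bakery_service;
    $this->kitchen = $kitchen;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static(
      $container->get('bakery.bakery_service'),
      $container->get('bakery.kitchen')
    );
  }

  /**
   * Registers a new account from the data carried in the oatmeal cookie.
   *
   * @return \Drupal\Core\Routing\TrustedRedirectResponse
   *   Redirect to "<slave>/bakery"; the outcome travels in a new oatmeal
   *   cookie whose data holds an 'errors' array.
   *
   * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
   *   When taste() returns no cookie data.
   */
  public function register() {
    $cookie = $this->kitchen->taste(Kitchen::OATMEAL);
    if (!$cookie) {
      throw new AccessDeniedHttpException();
    }

    // The request cookie is eaten here; the reply cookie is baked below.
    $this->kitchen->eat(Kitchen::OATMEAL);

    // Defined up front because the reply cookie needs $name and $data on
    // every path, including the one where registration is disabled.
    // Previously both were undefined on that path.
    $name = trim((string) ($cookie['data']['name'] ?? ''));
    $data = [];
    $errors = [];

    if ($this->config('user.settings')->get('register') !== UserInterface::REGISTER_ADMINISTRATORS_ONLY) {
      $mail = trim($cookie['data']['mail']);
      $data['name'] = $name;

      if (user_load_by_mail($mail)) {
        $errors['mail'] = 1;
      }
      elseif (user_load_by_name($name)) {
        $errors['name'] = 1;
      }
      else {
        // Use the password carried in the cookie, or generate one when the
        // cookie has none. empty() also covers a missing 'pass' key.
        $pass = empty($cookie['data']['pass']) ? user_password() : $cookie['data']['pass'];

        $language = $this->languageManager()->getCurrentLanguage()->getId();

        $account = User::create();
        $account->setPassword($pass);
        $account->enforceIsNew();
        $account->setEmail($mail);
        $account->setUsername($name);
        $account->set('init', $mail);
        $account->set('langcode', $language);
        $account->set('preferred_langcode', $language);
        $account->set('preferred_admin_langcode', $language);
        // NOTE(review): the account is activated on every path that reaches
        // this point. Only REGISTER_ADMINISTRATORS_ONLY is checked above, so
        // a "visitors need administrator approval" setting is treated like
        // open registration - confirm that this is intended.
        $account->activate();
        $account->save();

        $data['uid'] = $account->id();
        $data['mail'] = $mail;

        // NOTE(review): '!slave' uses the legacy "!" placeholder prefix.
        // Confirm the logger still substitutes it; '@slave' is the escaped
        // form and would keep the originating subsite in the audit trail.
        $this->getLogger('bakery')->notice('New external user: %name using module bakery from slave !slave.', [
          '%name' => $account->getAccountName(),
          '!slave' => $cookie['slave'],
        ]);

        if (!$this->config('user.settings')->get('verify_mail')) {
          // No e-mail verification required: log the new account in now.
          $this->kitchen->reBakeChocolateChipCookie($account);
          $this->bakeryService->userExternalLogin($account);
        }
        else {
          $errors['validate'] = 1;
        }
      }
    }
    else {
      $this->getLogger('bakery')->error('Master Bakery site user registration is disabled but users are trying to register from a subsite.');
      $errors['register'] = 1;
    }

    if (!empty($errors)) {
      session_destroy();
    }

    $data['errors'] = $errors;
    // 'destination' is copied through unchanged; this controller does not
    // inspect it, so the receiving subsite has to validate it before use.
    if (isset($cookie['data']['destination'])) {
      $data['destination'] = $cookie['data']['destination'];
    }
    $this->kitchen->bake(new OatmealCookie($name, $data));

    // TrustedRedirectResponse skips Drupal's external-redirect check, so the
    // target host is whatever the cookie's 'slave' entry says.
    // NOTE(review): confirm 'slave' is restricted to configured subsites.
    return new TrustedRedirectResponse(
      Url::fromUri(rtrim($cookie['slave'], '/') . '/bakery')->toString()
    );
  }

  /**
   * Logs a user in from the credentials carried in the oatmeal cookie.
   *
   * @param \Symfony\Component\HttpFoundation\Request $request
   *   The current request; its cookie bag is handed to Kitchen::taste().
   *
   * @return \Drupal\Core\Routing\TrustedRedirectResponse
   *   Redirect to "<slave>/bakery/login"; the outcome travels in a new
   *   oatmeal cookie whose data holds 'errors' and 'name'.
   *
   * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
   *   When taste() returns no cookie data, or when a user is already logged
   *   in under a different name than the one in the cookie.
   */
  public function login(Request $request) {
    $cookie = $this->kitchen->taste(Kitchen::OATMEAL, $request->cookies);
    if (!$cookie) {
      throw new AccessDeniedHttpException();
    }

    $this->kitchen->eat(Kitchen::OATMEAL);

    $current_user = $this->currentUser();
    if ($current_user->id()) {
      // Already authenticated here. $name is set on this path as well,
      // because the reply cookie below is built from it (it was previously
      // undefined for logged-in users).
      $name = $current_user->getAccountName();

      // Strict string comparison: loose "!=" treats numeric-looking strings
      // such as "1000" and "1e3" as equal, which must not let a cookie for
      // one account name pass as another.
      if ((string) $name !== (string) ($cookie['data']['name'] ?? '')) {
        throw new AccessDeniedHttpException();
      }

      $this->kitchen->reBakeChocolateChipCookie($current_user);
      $data = [
        'errors' => [],
        'name' => $name,
      ];
    }
    else {
      $name = trim((string) ($cookie['data']['name'] ?? ''));

      // Submit the core login form programmatically. The whole cookie payload
      // becomes the submitted values, and the form's own validation produces
      // the errors read back below.
      $form_state = new FormState();
      $form_state->setValues($cookie['data']);
      $this->formBuilder()->submitForm(UserLoginForm::class, $form_state);
      $errors = $form_state->getErrors();

      if (empty($errors)) {
        $account = user_load_by_name($name);
        if ($account && $account->id()) {
          if ($account->isBlocked()) {
            $errors['name'] = $this->t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', [
              '%name' => $name,
            ]);
          }
          else {
            $this->kitchen->reBakeChocolateChipCookie($account);
            $this->bakeryService->userExternalLogin($account);
          }
        }
        else {
          $errors['incorrect-credentials'] = 1;
        }
      }

      if (!empty($errors)) {
        $this->getLogger('user')->notice('Login attempt failed for %user.', [
          '%user' => $name,
        ]);
        // Clear the messages queued on this site for the failed attempt; the
        // errors go back to the subsite in the reply cookie instead.
        $this->messenger()->deleteAll();
      }

      $data = [
        'errors' => $errors,
        'name' => $name,
      ];
    }

    // 'destination' is copied through unchanged; this controller does not
    // inspect it, so the receiving subsite has to validate it before use.
    if (isset($cookie['data']['destination'])) {
      $data['destination'] = $cookie['data']['destination'];
    }
    $this->kitchen->bake(new OatmealCookie($name, $data));

    // TrustedRedirectResponse skips Drupal's external-redirect check, so the
    // target host is whatever the cookie's 'slave' entry says.
    // NOTE(review): confirm 'slave' is restricted to configured subsites.
    return new TrustedRedirectResponse(
      Url::fromUri(rtrim($cookie['slave'], '/') . '/bakery/login')->toString()
    );
  }

  /**
   * Access callback: allows anonymous users only.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   Allowed when the current user is anonymous, forbidden otherwise.
   */
  public function userIsAnonymous() {
    return $this->currentUser()->isAnonymous()
      ? AccessResult::allowed()
      : AccessResult::forbidden();
  }

}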