public function MainDeprecatedController::login in Bakery Single Sign-On System 8.2
Special Bakery login callback authenticates the user and returns to slave.
File
src/Controller/MainDeprecatedController.php, line 162
Class
Namespace
Drupal\bakery\Controller

Code
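/**
 * Special Bakery login callback: authenticates the user and redirects back.
 *
 * Reads the OATMEAL data-pass cookie from the request, then either confirms
 * the already logged-in user or submits the core user login form with the
 * values carried in the cookie. A new OATMEAL cookie holding the outcome
 * (errors, name, optional destination) is baked and the browser is sent to
 * the "/bakery/login" path of the site named in the cookie.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The incoming request; only its cookies are read here.
 *
 * @return \Drupal\Core\Routing\TrustedRedirectResponse
 *   Redirect to the requesting site's Bakery login path.
 *
 * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
 *   When no usable OATMEAL cookie is present, or when a logged-in user
 *   presents a cookie naming a different account.
 */
public function login(Request $request) {
  // NOTE(review): everything below treats $cookie as authentic; presumably
  // taste() verifies the cookie's signature and freshness. Confirm in Kitchen.
  $cookie = $this->kitchen->taste(Kitchen::OATMEAL, $request->cookies);
  if (!$cookie) {
    throw new AccessDeniedHttpException();
  }

  // Remove the data pass cookie.
  $this->kitchen->eat(Kitchen::OATMEAL);

  $current_user = $this->currentUser();
  if ($current_user->id()) {
    // Strict comparison: a loose "!=" treats numeric-looking strings such as
    // "1e3" and "1000" as equal, which would let a cookie naming a different
    // account through this check.
    if ($current_user->getAccountName() !== $cookie['data']['name']) {
      // Trying to log in as another user. That seems likely to cause
      // problems. Let's just bail.
      throw new AccessDeniedHttpException();
    }
    // This user is already logged in. Let's make sure the CC is correct and
    // redirect them back.
    $this->kitchen->reBakeChocolateChipCookie($current_user);
    // $name is also needed for the OatmealCookie baked below; without this
    // assignment the logged-in path passed an undefined variable.
    $name = $current_user->getAccountName();
    $data = [
      'errors' => [],
      'name' => $name,
    ];
  }
  else {
    // First see if the user_login form validation has any errors for them.
    $name = trim($cookie['data']['name']);
    // Execute the login form which checks
    // username, password, status and flood.
    $form_state = new FormState();
    $form_state->setValues($cookie['data']);
    $this->formBuilder()->submitForm(UserLoginForm::class, $form_state);
    $errors = $form_state->getErrors();

    if (empty($errors)) {
      // The form accepted the credentials; load the matching account.
      /** @var \Drupal\user\UserInterface|false $account */
      $account = user_load_by_name($name);
      if ($account && $account->id()) {
        // Blocked accounts must not be logged in. The message text below
        // speaks of a reserved e-mail address, but the check is isBlocked().
        if ($account->isBlocked()) {
          $errors['name'] = t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', [
            '%name' => $name,
          ]);
        }
        else {
          // Passed all checks, create identification cookie and log in.
          $this->kitchen->reBakeChocolateChipCookie($account);
          $this->bakeryService->userExternalLogin($account);
        }
      }
      else {
        $errors['incorrect-credentials'] = 1;
      }
    }

    if (!empty($errors)) {
      // Report failed login.
      $this->getLogger('user')->notice('Login attempt failed for %user.', [
        '%user' => $name,
      ]);
      // Clear the messages on the master's session,
      // since they were set during
      // drupal_form_submit() and will be displayed out of context.
      $this->messenger()->deleteAll();
    }

    // Bake a new cookie for validation on the slave.
    $data = [
      'errors' => $errors,
      'name' => $name,
    ];
  }

  // Carry destination through login.
  if (isset($cookie['data']['destination'])) {
    $data['destination'] = $cookie['data']['destination'];
  }
  $this->kitchen->bake(new OatmealCookie($name, $data));

  // NOTE(review): the redirect host comes straight from $cookie['slave'], and
  // TrustedRedirectResponse accepts external URLs. Nothing in this method
  // checks the value against the configured list of sites; confirm that the
  // cookie validation in taste() (or the caller) does, so a crafted cookie
  // cannot turn this into an open redirect carrying the result cookie.
  $return_url = Url::fromUri(rtrim($cookie['slave'], '/') . '/bakery/login')->toString();
  return new TrustedRedirectResponse($return_url);
}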