function _hybridauth_window_process_auth in HybridAuth Social Login 7.2
Same name and namespace in other branches
- 6.2 hybridauth.pages.inc \_hybridauth_window_process_auth()
Handle the Drupal authentication.
2 calls to _hybridauth_window_process_auth()
File
- ./
hybridauth.pages.inc, line 224 - HybridAuth module pages.
Code
function _hybridauth_window_process_auth($data) {
global $user;
// User is already logged in, tries to add new identity.
if (user_is_logged_in()) {
// Identity is already registered.
if ($identity = _hybridauth_identity_load($data)) {
// Registered to this user.
if ($user->uid == $identity['uid']) {
drupal_set_message(t('You have already registered this identity.'));
_hybridauth_window_close();
}
else {
drupal_set_message(t('This identity is registered to another user.'), 'error');
_hybridauth_window_close();
}
}
else {
_hybridauth_identity_save($data);
drupal_set_message(t('New identity added.'));
_hybridauth_invoke_hooks('hybridauth_identity_added', $user, $data);
_hybridauth_window_close();
}
}
if ($identity = _hybridauth_identity_load($data)) {
// Check if user is blocked.
if ($account = _hybridauth_user_is_blocked_by_uid($identity['uid'])) {
$account = user_load($identity['uid']);
module_invoke_all('hybridauth_user_blocked', $account, $data);
drupal_set_message(t('The username %name has not been activated or is blocked.', array(
'%name' => $account->name,
)), 'error');
}
elseif (!_hybridauth_user_login_access_by_uid($identity['uid'])) {
$data = unserialize($identity['data']);
drupal_set_message(t('You need to verify your e-mail address - !email.', array(
'!email' => $data['email'],
)), 'error');
drupal_set_message(t('A welcome message with further instructions has been sent to your e-mail address.'));
_hybridauth_mail_notify('hybridauth_email_verification', user_load($identity['uid']));
}
else {
$form_state['uid'] = $identity['uid'];
user_login_submit(array(), $form_state);
_hybridauth_invoke_hooks('hybridauth_user_login', $user, $data);
}
}
elseif (variable_get('hybridauth_duplicate_emails', 1) && !empty($data['email']) && ($account = user_load_by_mail($data['email']))) {
// Add identity to existing account, only if emailVerified.
if (variable_get('hybridauth_duplicate_emails', 1) == 2 && $data['email'] == $data['emailVerified']) {
_hybridauth_identity_save($data, $account->uid);
drupal_set_message(t('New identity added.'));
_hybridauth_invoke_hooks('hybridauth_identity_added', $account, $data);
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
_hybridauth_invoke_hooks('hybridauth_user_login', $user, $data);
}
else {
drupal_set_message(t('You are trying to login with email address of another user.'), 'error');
if (!empty($account->data['hybridauth'])) {
$providers = hybridauth_providers_list();
drupal_set_message(t('If you are completely sure it is your email address, try to login through %provider.', array(
'%provider' => $providers[$account->data['hybridauth']['provider']],
)), 'status');
}
else {
drupal_set_message(t('If you are completely sure it is your email address, try to login using your username and password on this site. If you don\'t remember your password - <a href="@password">request new password</a>.', array(
'@password' => url('user/password'),
)));
}
}
}
elseif ($message = _hybridauth_registration_block($data)) {
// Destroy the session with the blocked authorized identity.
session_destroy();
if (is_string($message)) {
drupal_set_message($message, 'error');
}
}
else {
// Visitors can create accounts.
if (variable_get('hybridauth_register', 0) == 0 && variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) || variable_get('hybridauth_register', 0) == 1 || variable_get('hybridauth_register', 0) == 2) {
_hybridauth_invoke_hooks('hybridauth_user_preinsert', $user, $data);
// Check profile information for required fields.
if ($additional_info = _hybridauth_check_additional_info($data)) {
return $additional_info;
}
// As we have already checked for the additional info we can unset the plaintext $data['pass'] here.
if (isset($data['pass'])) {
$user_password = $data['pass'];
unset($data['pass']);
}
// TODO: remove this global if possible.
global $_hybridauth_data;
$_hybridauth_data = $data;
// Register this new user.
$name = _hybridauth_make_username($data);
$userinfo = array(
'name' => $name,
'pass' => empty($user_password) ? user_password() : $user_password,
'init' => $data['email'],
'status' => 1,
'access' => REQUEST_TIME,
'mail' => $data['email'],
'data' => array(
'hybridauth' => $data,
),
);
// Invoke hook_hybridauth_userinfo_alter().
drupal_alter('hybridauth_userinfo', $userinfo, $data);
$admin_approval_required = FALSE;
// Admin approval is required.
if (variable_get('hybridauth_register', 0) == 0 && variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) == USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL || variable_get('hybridauth_register', 0) == 2) {
$userinfo['status'] = 0;
$admin_approval_required = TRUE;
}
$account = user_save(drupal_anonymous_user(), $userinfo);
// Terminate if an error occurred during user_save().
if (!$account) {
drupal_set_message(t('Error saving user account.'), 'error');
_hybridauth_window_close();
}
_hybridauth_invoke_hooks('hybridauth_user_insert', $account, $data);
_hybridauth_identity_save($data, $account->uid);
_hybridauth_invoke_hooks('hybridauth_identity_added', $account, $data);
$user_save_trigger = FALSE;
$user_email_verify_trigger = FALSE;
$user_login_trigger = TRUE;
// Save user picture.
if (variable_get('user_pictures', 0) && variable_get('hybridauth_pictures', 1)) {
$photo_url = $data['photoURL'];
if (valid_url($photo_url)) {
$photo = drupal_http_request($photo_url);
if (isset($photo->error)) {
watchdog('hybridauth', 'Error while executing drupal_http_request() to %url: %error.', array(
'%url' => $photo_url,
'%error' => $photo->error,
), WATCHDOG_ERROR);
}
else {
if ($file = file_save_data($photo->data)) {
// To make user_save() to process the file and move it.
$file->status = 0;
$edit['picture'] = $file;
$user_save_trigger = TRUE;
}
else {
watchdog('hybridauth', 'Failed to save user image from url %url.', array(
'%url' => $photo_url,
), WATCHDOG_ERROR);
}
}
}
}
// Admin approval is required.
if ($admin_approval_required) {
$user_login_trigger = FALSE;
_user_mail_notify('register_pending_approval', $account);
drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
}
elseif (!empty($data['email']) && $data['email'] != $data['emailVerified'] && (!variable_get('hybridauth_email_verification', 0) && variable_get('user_email_verification', TRUE) || variable_get('hybridauth_email_verification', 0) == 1)) {
$user_login_trigger = FALSE;
// Dries birthday timestamp, Nov 19, 1978 = 280281600 :).
$edit['login'] = 280281600;
$user_save_trigger = TRUE;
$user_email_verify_trigger = TRUE;
}
if ($user_save_trigger) {
// Hack to remove one notice from Legal module.
if (module_exists('legal')) {
$edit['legal_accept'] = NULL;
}
$account = user_save($account, $edit);
}
if ($user_email_verify_trigger) {
_hybridauth_mail_notify('hybridauth_email_verification', $account);
drupal_set_message(t('A welcome message with further instructions has been sent to your e-mail address.'));
}
// Log user in.
if ($user_login_trigger) {
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
_hybridauth_invoke_hooks('hybridauth_user_login', $user, $data);
}
}
elseif (variable_get('hybridauth_register', 0) == 3) {
if (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL)) {
$message = t('Sorry, you are not allowed to login. Please, <a href="@register">create a new account</a>.', array(
'@register' => url('user/register'),
));
}
else {
$message = t('New account registration is not allowed.');
}
drupal_set_message($message, 'error');
_hybridauth_window_close(FALSE);
}
else {
drupal_set_message(t('Only site administrators can create new user accounts.'), 'error');
_hybridauth_window_close(FALSE);
}
}
_hybridauth_window_close();
}