private function LoginValidator::processLogin in Lightweight Directory Access Protocol (LDAP) 8.3
Perform the actual logging in.
@TODO: Return values aren't actually reviewed, can be simplified.
Return value
bool Success or failure of authentication.
1 call to LoginValidator::processLogin()
- LoginValidator::validateLogin in ldap_authentication/
src/ Controller/ LoginValidator.php - Starts login process.
File
- ldap_authentication/
src/ Controller/ LoginValidator.php, line 114
Class
- LoginValidator
- Handles the actual testing of credentials and authentication of users.
Namespace
Drupal\ldap_authentication\ControllerCode
private function processLogin() {
if (!$this
->validateAlreadyAuthenticated()) {
return FALSE;
}
if (!$this
->validateCommonLoginConstraints()) {
return FALSE;
}
$credentialsAuthenticationResult = $this
->testCredentials($this->formState
->getValue('pass'));
if ($credentialsAuthenticationResult == self::AUTHENTICATION_FAILURE_FIND && $this->config
->get('authenticationMode') == LdapAuthenticationConfiguration::MODE_EXCLUSIVE) {
$this->formState
->setErrorByName('non_ldap_login_not_allowed', $this
->t('User disallowed'));
}
if ($credentialsAuthenticationResult != self::AUTHENTICATION_SUCCESS) {
return FALSE;
}
if (!$this
->deriveDrupalUserName()) {
return FALSE;
}
// We now have an LDAP account, matching username and password and the
// reference Drupal user.
if (!$this->drupalUser && $this->serverDrupalUser) {
$this
->updateAuthNameFromPuid();
}
// Existing Drupal but not mapped to LDAP.
if ($this->drupalUser && !$this->drupalUserAuthMapped) {
if (!$this
->matchExistingUserWithLdap()) {
return FALSE;
}
}
// Existing Drupal account with incorrect email. Fix email if appropriate.
$this
->fixOutdatedEmailAddress();
// No existing Drupal account. Consider provisioning Drupal account.
if (!$this->drupalUser) {
if (!$this
->provisionDrupalUser()) {
return FALSE;
}
}
// All passed, log the user in by handing over the UID.
if ($this->drupalUser) {
$this->formState
->set('uid', $this->drupalUser
->id());
}
return TRUE;
}