public function LoginValidatorLoginForm::processLogin in Lightweight Directory Access Protocol (LDAP) 8.4
Perform the actual logging in.
Overrides LoginValidatorInterface::processLogin
1 call to LoginValidatorLoginForm::processLogin()
- LoginValidatorLoginForm::validateLogin in ldap_authentication/
src/ Controller/ LoginValidatorLoginForm.php - Starts login process.
File
- ldap_authentication/
src/ Controller/ LoginValidatorLoginForm.php, line 42
Class
- LoginValidatorLoginForm
- Handles the actual testing of credentials and authentication of users.
Namespace
Drupal\ldap_authentication\ControllerCode
public function processLogin() : void {
if ($this
->userAlreadyAuthenticated()) {
return;
}
if (!$this
->validateCommonLoginConstraints()) {
return;
}
$credentialsAuthenticationResult = $this
->testCredentials();
if ($credentialsAuthenticationResult === self::AUTHENTICATION_FAILURE_FIND && $this->config
->get('authenticationMode') === 'exclusive') {
$this->formState
->setErrorByName('non_ldap_login_not_allowed', $this
->t('User disallowed'));
}
if ($credentialsAuthenticationResult !== self::AUTHENTICATION_SUCCESS) {
return;
}
if (!$this
->deriveDrupalUserName()) {
return;
}
// We now have an LDAP account, matching username and password and the
// reference Drupal user.
if (!$this->drupalUser && $this->serverDrupalUser) {
$this
->updateAuthNameFromPuid();
}
// Existing Drupal but not mapped to LDAP.
if ($this->drupalUser && !$this->drupalUserAuthMapped) {
if (!$this
->matchExistingUserWithLdap()) {
return;
}
}
// Existing Drupal account with incorrect email. Fix email if appropriate.
$this
->fixOutdatedEmailAddress();
// No existing Drupal account. Consider provisioning Drupal account.
if (!$this->drupalUser) {
if (!$this
->provisionDrupalUser()) {
return;
}
}
// All passed, log the user in by handing over the UID.
if ($this->drupalUser) {
$this->formState
->set('uid', $this->drupalUser
->id());
}
}