function legal_user_login in Legal 2.0.x
Same name and namespace in other branches
- 8 legal.module \legal_user_login()
- 7.2 legal.module \legal_user_login()
- 7 legal.module \legal_user_login()
Implements hook_user_login().
File
- ./
legal.module, line 415 - Module file for Legal.
Code
function legal_user_login(UserInterface $account) {
// Skip T&Cs for user 1 or user with exempt role.
$exempt = legal_user_is_exempt($account);
if ($exempt) {
return;
}
$settings = \Drupal::config('legal.settings');
// Get last accepted version for this account.
$uid = $account
->get('uid')
->getString();
$legal_account = legal_get_accept($uid);
// If no version accepted, get version with current language revision.
$language = \Drupal::languageManager()
->getCurrentLanguage();
if (empty($legal_account['version'])) {
$conditions = legal_get_conditions($language
->getId());
// No conditions set yet, skip T&Cs.
if (empty($conditions['conditions'])) {
return;
}
}
else {
// Get version / revision of last accepted language.
$conditions = legal_get_conditions($legal_account['language']);
// No conditions set yet, skip T&Cs.
if (empty($conditions['conditions'])) {
return;
}
// Check latest version of T&C has been accepted.
$accepted = legal_version_check($uid, $conditions['version'], $conditions['revision'], $legal_account);
// User has accepted latest T&C.
if ($accepted) {
if ($settings
->get('accept_every_login') == 0) {
return;
}
else {
$request = \Drupal::request();
$session = $request
->getSession();
$newly_accepted = $session
->get('legal_login', FALSE);
if ($newly_accepted) {
return;
}
}
}
}
// Log the user out and regenerate the Drupal session.
\Drupal::logger('user')
->notice('Session closed for %name.', [
'%name' => $account
->getAccountName(),
]);
\Drupal::moduleHandler()
->invokeAll('user_logout', [
$account,
]);
// Destroy the current session, and reset $user to the anonymous user.
\Drupal::service('session_manager')
->destroy();
$query = NULL;
$path = \Drupal::request()
->getpathInfo();
$arg = explode('/', $path);
// One time login link - set user edit page as destination after T&Cs.
if (isset($arg[1]) && $arg[1] == 'user' && isset($arg[2]) && $arg[2] == 'reset') {
$query = [
'destination' => $account
->toUrl('edit-form')
->toString(),
];
}
// Preserve custom destination if it's been set.
if (!empty($_REQUEST['destination'])) {
$query = [
'destination' => $_REQUEST['destination'],
];
}
unset($_GET['destination']);
$signatory = User::load($uid);
$login = $signatory
->get('login')->value;
$password = $signatory
->get('pass')->value;
$token = Crypt::randomBytesBase64();
$data = $login . $uid . $password;
$hash = Crypt::hmacBase64($data, $token);
user_cookie_save([
'legal_hash' => $hash,
'legal_id' => $uid,
]);
$query['token'] = $token;
$path = Url::fromUserInput('/legal_accept', [
'query' => $query,
])
->toString();
$response = new RedirectResponse($path);
$response
->sendHeaders();
exit;
}