You are here

Home » API reference » Password Policy 8.3 » PasswordPolicyEventSubscriber.php

class PasswordPolicyEventSubscriber in Password Policy 8.3

Enforces password reset functionality.

Hierarchy

Expanded class hierarchy of PasswordPolicyEventSubscriber

1 string reference to 'PasswordPolicyEventSubscriber'
password_policy.services.yml in ./password_policy.services.yml
password_policy.services.yml
1 service uses PasswordPolicyEventSubscriber
password_policy_event_subscriber in ./password_policy.services.yml
Drupal\password_policy\EventSubscriber\PasswordPolicyEventSubscriber

File

src/EventSubscriber/PasswordPolicyEventSubscriber.php, line 20

Namespace

Drupal\password_policy\EventSubscriber
View source 
class PasswordPolicyEventSubscriber implements EventSubscriberInterface {
  use StringTranslationTrait;

  /**
   * The currently logged in user.
   *
   * @var \Drupal\Core\Session\AccountProxyInterface
   */
  protected $currentUser;

  /**
   * The messenger service.
   *
   * @var \Drupal\Core\Messenger\MessengerInterface
   */
  protected $messenger;

  /**
   * The user storage.
   *
   * @var \Drupal\Core\Entity\EntityStorageInterface
   */
  protected $userStorage;

  /**
   * The request object.
   *
   * @var \Symfony\Component\HttpFoundation\Request|null
   */
  protected $request;

  /**
   * PasswordPolicyEventSubscriber constructor.
   *
   * @param \Drupal\Core\Session\AccountProxyInterface $currentUser
   *   The currently logged in user.
   * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entityTypeManager
   *   The entity type manager.
   * @param \Drupal\Core\Messenger\MessengerInterface $messenger
   *   The messenger service.
   * @param \Symfony\Component\HttpFoundation\RequestStack $requestStack
   *   The request stack.
   *
   * @throws \Drupal\Component\Plugin\Exception\InvalidPluginDefinitionException
   * @throws \Drupal\Component\Plugin\Exception\PluginNotFoundException
   */
  public function __construct(AccountProxyInterface $currentUser, EntityTypeManagerInterface $entityTypeManager, MessengerInterface $messenger, RequestStack $requestStack) {
    $this->currentUser = $currentUser;
    $this->messenger = $messenger;
    $this->request = $requestStack
      ->getCurrentRequest();
    $this->userStorage = $entityTypeManager
      ->getStorage('user');
  }

  /**
   * Event callback to look for users expired password.
   */
  public function checkForUserPasswordExpiration(GetResponseEvent $event) {
    $route_name = $this->request->attributes
      ->get(RouteObjectInterface::ROUTE_NAME);
    $ignore_route = in_array($route_name, [
      'entity.user.edit_form',
      'system.ajax',
      'user.logout',
      'admin_toolbar_tools.flush',
    ]);

    // Ignore route for jsonapi calls.
    if (strpos($route_name, 'jsonapi') !== FALSE) {
      return;
    }

    // There needs to be an explicit check for non-anonymous or else
    // this will be tripped and a forced redirect will occur.
    if ($this->currentUser
      ->isAuthenticated()) {

      /* @var $user \Drupal\user\UserInterface */
      $user = $this->userStorage
        ->load($this->currentUser
        ->id());
      $is_ajax = $this->request->headers
        ->get('X_REQUESTED_WITH') === 'XMLHttpRequest';
      $user_expired = FALSE;
      if ($user && $user
        ->hasField('field_password_expiration') && $user
        ->get('field_password_expiration')
        ->get(0)) {
        $user_expired = $user
          ->get('field_password_expiration')
          ->get(0)
          ->getValue();
        $user_expired = $user_expired['value'];
      }

      // TODO - Consider excluding admins here.
      if ($user_expired && !$ignore_route && !$is_ajax) {
        $url = new Url('entity.user.edit_form', [
          'user' => $user
            ->id(),
        ]);
        $url = $url
          ->setAbsolute()
          ->toString();
        $event
          ->setResponse(new RedirectResponse($url));
        $this->messenger
          ->addError($this
          ->t('Your password has expired, please update it'));
      }
    }
  }

  /**
   * {@inheritdoc}
   */
  public static function getSubscribedEvents() {

    // TODO - Evaluate if there is a better place to add this check.
    $events[KernelEvents::REQUEST][] = [
      'checkForUserPasswordExpiration',
    ];
    return $events;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
PasswordPolicyEventSubscriber::$currentUser protected property The currently logged in user.
PasswordPolicyEventSubscriber::$messenger protected property The messenger service.
PasswordPolicyEventSubscriber::$request protected property The request object.
PasswordPolicyEventSubscriber::$userStorage protected property The user storage.
PasswordPolicyEventSubscriber::checkForUserPasswordExpiration public function Event callback to look for users expired password.
PasswordPolicyEventSubscriber::getSubscribedEvents public static function Returns an array of event names this subscriber wants to listen to.
PasswordPolicyEventSubscriber::__construct public function PasswordPolicyEventSubscriber constructor.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.