private function RequireLoginSubscriber::checkLogin in Require Login 8
Same name and namespace in other branches
- 8.2 src/EventSubscriber/RequireLoginSubscriber.php \Drupal\require_login\EventSubscriber\RequireLoginSubscriber::checkLogin()
Check login authentication enforcement for current request.
Parameters
\Symfony\Component\HttpKernel\Event\GetResponseEvent $event: The event response.
\Drupal\Core\Config\ImmutableConfig $config: The configuration object.
\Symfony\Component\HttpFoundation\Request $request: The HTTP request.
Return value
bool Return FALSE if authentication isn't required. Otherwise TRUE.
1 call to RequireLoginSubscriber::checkLogin()
- RequireLoginSubscriber::loginRedirect in src/
EventSubscriber/ RequireLoginSubscriber.php - Prepare login redirect response.
File
- src/
EventSubscriber/ RequireLoginSubscriber.php, line 136
Class
- RequireLoginSubscriber
- Login requirement.
Namespace
Drupal\require_login\EventSubscriberCode
private function checkLogin(GetResponseEvent $event, ImmutableConfig $config, Request $request) {
// Check event exception status codes.
if ($event instanceof GetResponseForExceptionEvent) {
switch ($event
->getException()
->getStatusCode()) {
case '403':
if ($config
->get('excluded_403')) {
return FALSE;
}
break;
case '404':
if ($config
->get('excluded_404')) {
return FALSE;
}
break;
}
}
// Default authentication exclusions.
$route_name = $request
->get('_route');
$default_checks = [
// Check if CLI environment.
PHP_SAPI === 'cli',
// Check system.cron route.
$route_name === 'system.cron',
// Check system.db_update route (/update.php).
$route_name === 'system.db_update',
// Check user.* routes (/user/*).
$route_name === 'user.login' || $route_name === 'user.register' || $route_name === 'user.pass' || substr($route_name, 0, 10) === 'user.reset',
];
$this->moduleHandler
->alter('require_login_authcheck', $default_checks);
if (in_array(TRUE, $default_checks)) {
return FALSE;
}
// Configurable route name exclusions.
$excluded_routes = array_filter(preg_split('/\\r\\n|\\r|\\n/', $config
->get('excluded_routes')));
if (in_array($route_name, $excluded_routes)) {
return FALSE;
}
// Configurable path exclusions.
$current_path = $this->currentPath
->getPath($request);
$current_path_alias = $this->aliasManager
->getAliasByPath($current_path);
$current_path_parameters = $request->query
->all();
$excluded_paths = array_filter(preg_split('/\\r\\n|\\r|\\n/', $config
->get('excluded_paths')));
$excluded_paths[] = $config
->get('auth_path');
foreach ($excluded_paths as $path) {
$path = trim($path);
$path_parts = UrlHelper::parse($path);
$path_parts['path'] = mb_strtolower($path_parts['path']);
$current_checks = [
$this->pathMatcher
->matchPath($current_path, $path_parts['path']),
$this->pathMatcher
->matchPath($current_path_alias, $path_parts['path']),
];
if (!empty($path_parts['query'])) {
if (in_array(TRUE, $current_checks)) {
// Path matched an exclusion. Now check for matching query parameters.
if (count(array_intersect($current_path_parameters, $path_parts['query'])) === count($path_parts['query'])) {
return FALSE;
}
}
}
elseif (in_array(TRUE, $current_checks)) {
// Path matched an exclusion. No query parameters to check.
return FALSE;
}
}
return TRUE;
}