private function RequireLoginSubscriber::checkLogin in Require Login 8.2
Same name and namespace in other branches
- 8 src/EventSubscriber/RequireLoginSubscriber.php \Drupal\require_login\EventSubscriber\RequireLoginSubscriber::checkLogin()
Check login authentication enforcement for current request.
Parameters
\Symfony\Component\HttpKernel\Event\GetResponseEvent $event: The event response.
\Drupal\Core\Config\ImmutableConfig $config: The configuration object.
\Symfony\Component\HttpFoundation\Request $request: The HTTP request.
Return value
bool Return FALSE if authentication isn't required. Otherwise TRUE.
1 call to RequireLoginSubscriber::checkLogin()
- RequireLoginSubscriber::loginRedirect in src/
EventSubscriber/ RequireLoginSubscriber.php - Prepare login redirect response.
File
- src/
EventSubscriber/ RequireLoginSubscriber.php, line 148
Class
- RequireLoginSubscriber
- Login requirement.
Namespace
Drupal\require_login\EventSubscriberCode
private function checkLogin(GetResponseEvent $event, ImmutableConfig $config, Request $request) {
// Check event exception status codes.
if ($event instanceof GetResponseForExceptionEvent) {
/** @var \Symfony\Component\HttpKernel\Exception\HttpException $exception */
$exception = $event
->getException();
switch ($exception
->getStatusCode()) {
case '403':
if ($config
->get('excluded_403')) {
return FALSE;
}
break;
case '404':
if ($config
->get('excluded_404')) {
return FALSE;
}
break;
}
}
/** @var \Symfony\Component\Routing\Route $route */
$route = $request
->get('_route_object');
// Default authentication exclusions.
if ($route instanceof Route && $route
->hasRequirement('_user_is_logged_in') && $route
->getRequirement('_user_is_logged_in') === 'FALSE') {
return FALSE;
}
$route_name = $request
->get('_route');
$default_checks = [
// Check if CLI environment.
PHP_SAPI === 'cli',
// Check system.cron route.
$route_name === 'system.cron',
// Check system.db_update route (/update.php).
$route_name === 'system.db_update',
// Check user.* routes (/user/*).
$route_name === 'user.register' || $route_name === 'user.pass' || substr($route_name, 0, 10) === 'user.reset',
// Check image.style_* routes.
$route_name === 'image.style_public' || $route_name === 'image.style_private',
];
$this->moduleHandler
->alter('require_login_authcheck', $default_checks);
if (in_array(TRUE, $default_checks)) {
return FALSE;
}
// Configurable route name exclusions.
$excluded_routes = array_filter(preg_split('/\\r\\n|\\r|\\n/', $config
->get('excluded_routes')));
if (in_array($route_name, $excluded_routes)) {
return FALSE;
}
// Configurable node type exclusions.
if ($route_name === 'entity.node.canonical' && ($node_types = $config
->get('excluded_node_types'))) {
if (($node = $this->routeMatch
->getParameter('node')) && in_array($node
->bundle(), $node_types, TRUE)) {
return FALSE;
}
}
// Configurable path exclusions.
$current_path = $this->currentPath
->getPath($request);
$current_path_alias = $this->aliasManager
->getAliasByPath($current_path);
$current_path_parameters = $request->query
->all();
$excluded_paths = array_filter(preg_split('/\\r\\n|\\r|\\n/', $config
->get('excluded_paths')));
$excluded_paths[] = $config
->get('auth_path');
foreach ($excluded_paths as $path) {
$path = trim($path);
$path_parts = UrlHelper::parse($path);
$path_parts['path'] = mb_strtolower($path_parts['path']);
$current_checks = [
$this->pathMatcher
->matchPath($current_path, $path_parts['path']),
$this->pathMatcher
->matchPath($current_path_alias, $path_parts['path']),
];
if (!empty($path_parts['query'])) {
if (in_array(TRUE, $current_checks)) {
// Path matched an exclusion. Now check for matching query parameters.
if (count(array_intersect($current_path_parameters, $path_parts['query'])) === count($path_parts['query'])) {
return FALSE;
}
}
}
elseif (in_array(TRUE, $current_checks)) {
// Path matched an exclusion. No query parameters to check.
return FALSE;
}
}
return TRUE;
}