class MagicLoginController in Open Social 10.2.x
Same name and namespace in other branches
- 8.9 modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 8.5 modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 8.6 modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 8.7 modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 8.8 modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 10.3.x modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 10.0.x modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
- 10.1.x modules/custom/social_magic_login/src/Controller/MagicLoginController.php \Drupal\social_magic_login\Controller\MagicLoginController
Class MagicLoginController.
Hierarchy
- class \Drupal\Core\Controller\ControllerBase implements ContainerInjectionInterface uses LoggerChannelTrait, MessengerTrait, RedirectDestinationTrait, StringTranslationTrait
- class \Drupal\social_magic_login\Controller\MagicLoginController
Expanded class hierarchy of MagicLoginController
File
- modules/
custom/ social_magic_login/ src/ Controller/ MagicLoginController.php, line 18
Namespace
Drupal\social_magic_login\Controller
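/**
 * Logs a user in through a one-time "magic login" link.
 *
 * The link carries a user ID, a timestamp, a hash and a base64-encoded
 * destination. Only the user and the timestamp feed the hash that login()
 * verifies; the destination is not covered by it.
 */
class MagicLoginController extends ControllerBase {

  /**
   * The user storage.
   *
   * @var \Drupal\user\UserStorageInterface
   */
  protected $userStorage;

  /**
   * The logger service.
   *
   * @var \Psr\Log\LoggerInterface
   */
  protected $logger;

  /**
   * MagicLoginController constructor.
   *
   * @param \Drupal\user\UserStorageInterface $user_storage
   *   The user storage.
   * @param \Psr\Log\LoggerInterface $logger
   *   The logger service.
   * @param \Drupal\Core\Extension\ModuleHandler $module_handler
   *   The module handler service.
   */
  public function __construct(UserStorageInterface $user_storage, LoggerInterface $logger, ModuleHandler $module_handler) {
    $this->userStorage = $user_storage;
    $this->logger = $logger;
    $this->moduleHandler = $module_handler;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static(
      $container->get('entity_type.manager')->getStorage('user'),
      $container->get('logger.factory')->get('user'),
      $container->get('module_handler')
    );
  }

  /**
   * Validates a one-time login link and, when valid, logs the user in.
   *
   * @param int $uid
   *   User ID of the account the link was issued for.
   * @param int $timestamp
   *   The timestamp carried by the link. It is compared with the request time
   *   and the account's last login time, and is part of the hash input.
   * @param string $hash
   *   Login link hash, compared against user_pass_rehash($user, $timestamp).
   * @param string $destination
   *   The final destination the user needs to end up at, base64-encoded.
   *   This value is not part of the hash input.
   *
   * @return \Symfony\Component\HttpFoundation\RedirectResponse
   *   A redirect to the login form (expired or invalid link), to the user
   *   edit form (no password set yet) or to the decoded destination.
   *
   * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
   *   When the account does not exist, is blocked or anonymous, or when a
   *   different account is already logged in.
   *
   * @see \Drupal\user\Controller\UserController::resetPassLogin
   */
  public function login($uid, $timestamp, $hash, $destination) : ?RedirectResponse {
    /** @var \Drupal\user\UserInterface $user */
    $user = $this->userStorage->load($uid);

    // Verify that the user exists and is active.
    if ($user === NULL || !$user->isActive() || $user->isAnonymous()) {
      throw new AccessDeniedHttpException();
    }

    // Get the current user and check if this user is authenticated and same as
    // the user for the login link. Both IDs are cast to int before the strict
    // comparison: $uid arrives as a route value and may be a numeric string
    // while the account ID may be an integer, in which case an uncast "!=="
    // would treat the same account as a different user.
    $current_user = $this->currentUser();
    if ($current_user->isAuthenticated() && (int) $current_user->id() !== (int) $uid) {
      $this->messenger()->addWarning($this->t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href=":logout">log out</a> and try using the link again.', [
        '%other_user' => $current_user->getAccountName(),
        '%resetting_user' => $user->getAccountName(),
        ':logout' => Url::fromRoute('user.logout'),
      ]));
      throw new AccessDeniedHttpException();
    }

    // Get the destination for the redirect result.
    // NOTE(review): this value comes straight from the URL and is decoded in
    // non-strict mode. It is not covered by the hash verified below, so it
    // must be treated as untrusted wherever it is used as a redirect target.
    $destination = base64_decode($destination);

    // The current user is not logged in, so check the parameters.
    $currentTime = \Drupal::time()->getRequestTime();

    // Time out, in seconds, until login URL expires.
    $timeout = $this->config('user.settings')->get('password_reset_timeout');

    // If the user has logged in before then the link may have timed out.
    // Also check that we don't have an invalid link: a timestamp in the future
    // or one older than the last login (the link was already used).
    if (($user->getLastLoginTime() && $currentTime - $timestamp > $timeout) || ($timestamp > $currentTime || $timestamp < $user->getLastLoginTime())) {
      $this->messenger()->addError($this->t('You have tried to use a one-time link that has expired.'));
      return $this->redirect('user.login', [], [
        'query' => [
          'destination' => $destination,
        ],
      ]);
    }

    // Ensure the hash from the route is checked. hash_equals() expects the
    // known value first and the user-supplied value second.
    if (!hash_equals(user_pass_rehash($user, $timestamp), $hash)) {
      $this->messenger()->addError($this->t('You have tried to use a one-time link that is invalid.'));
      return $this->redirect('user.login', [], [
        'query' => [
          'destination' => $destination,
        ],
      ]);
    }

    // It's safe to finalize the login now.
    // Hashes are checked, link is still valid and
    // we are sure it is the correct user.
    user_login_finalize($user);

    // When the user hasn't set a password, redirect the user to
    // the set passwords page. This now includes users that have
    // registered through social login possibilities.
    if (NULL === $user->getPassword()) {
      $message_set_password = $this->t('You need to set your password in order to log in.');
      if ($this->dataPolicyConsensus() === FALSE) {
        // Set a different text when the user still needs to comply to
        // the data policy.
        $message_set_password = $this->t('Before you can log in and set your password, you need to agree to the data policy.');
      }
      $this->messenger()->addStatus($message_set_password);
      $this->logger->notice('User %name used magic login link at time %timestamp but needs to set a password.', [
        '%name' => $user->getDisplayName(),
        '%timestamp' => $timestamp,
      ]);

      // This mirrors the UserController::resetPassLogin redirect which
      // allows a user to set a password without the current password check.
      // The token is stored in the session and also sent as a query parameter.
      $token = Crypt::randomBytesBase64(55);
      $_SESSION['pass_reset_' . $user->id()] = $token;
      return $this->redirect('entity.user.edit_form', [
        'user' => $user->id(),
      ], [
        'query' => [
          'pass-reset-token' => $token,
          'destination' => $destination,
        ],
        'absolute' => TRUE,
      ]);
    }

    $this->logger->notice('User %name used one-time login link at time %timestamp.', [
      '%name' => $user->getDisplayName(),
      '%timestamp' => $timestamp,
    ]);
    $this->messenger()->addStatus($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in.'));

    // NOTE(review): the redirect target is the decoded request value and this
    // method does not validate it. Confirm that off-site targets are rejected
    // downstream (presumably by Drupal's handling of plain RedirectResponse
    // objects) before relying on this as safe against open redirects.
    return new RedirectResponse($destination);
  }

  /**
   * Reports whether the user has consented to the current data policy.
   *
   * @return bool
   *   The result of the data policy manager's hasGivenConsent() when the
   *   data_policy module is enabled; TRUE when the module is not enabled.
   *   login() treats FALSE as "the user still has to agree".
   */
  protected function dataPolicyConsensus() : bool {
    // Without the Data Policy module there is nothing to consent to.
    if (!$this->moduleHandler->moduleExists('data_policy')) {
      return TRUE;
    }

    // When it's enabled, load the data policy manager service and return
    // whether consent has been given.
    $data_policy_manager = \Drupal::service('data_policy.manager');
    return $data_policy_manager->hasGivenConsent();
  }

}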
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
ControllerBase:: |
protected | property | The configuration factory. | |
ControllerBase:: |
protected | property | The current user service. | 1 |
ControllerBase:: |
protected | property | The entity form builder. | |
ControllerBase:: |
protected | property | The entity type manager. | |
ControllerBase:: |
protected | property | The form builder. | 2 |
ControllerBase:: |
protected | property | The key-value storage. | 1 |
ControllerBase:: |
protected | property | The language manager. | 1 |
ControllerBase:: |
protected | property | The module handler. | 2 |
ControllerBase:: |
protected | property | The state service. | |
ControllerBase:: |
protected | function | Returns the requested cache bin. | |
ControllerBase:: |
protected | function | Retrieves a configuration object. | |
ControllerBase:: |
private | function | Returns the service container. | |
ControllerBase:: |
protected | function | Returns the current user. | 1 |
ControllerBase:: |
protected | function | Retrieves the entity form builder. | |
ControllerBase:: |
protected | function | Retrieves the entity type manager. | |
ControllerBase:: |
protected | function | Returns the form builder service. | 2 |
ControllerBase:: |
protected | function | Returns a key/value storage collection. | 1 |
ControllerBase:: |
protected | function | Returns the language manager service. | 1 |
ControllerBase:: |
protected | function | Returns the module handler. | 2 |
ControllerBase:: |
protected | function | Returns a redirect response object for the specified route. | |
ControllerBase:: |
protected | function | Returns the state storage service. | |
LoggerChannelTrait:: |
protected | property | The logger channel factory service. | |
LoggerChannelTrait:: |
protected | function | Gets the logger for a specific channel. | |
LoggerChannelTrait:: |
public | function | Injects the logger channel factory. | |
MagicLoginController:: |
protected | property | The logger service. | |
MagicLoginController:: |
protected | property | The user storage. | |
MagicLoginController:: |
public static | function |
Instantiates a new instance of this class. Overrides ControllerBase:: |
|
MagicLoginController:: |
protected | function | Check if user gave consent on a current version of data policy. | |
MagicLoginController:: |
public | function | Login. | |
MagicLoginController:: |
public | function | MagicLoginController constructor. | |
MessengerTrait:: |
protected | property | The messenger. | 27 |
MessengerTrait:: |
public | function | Gets the messenger. | 27 |
MessengerTrait:: |
public | function | Sets the messenger. | |
RedirectDestinationTrait:: |
protected | property | The redirect destination service. | 1 |
RedirectDestinationTrait:: |
protected | function | Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url. | |
RedirectDestinationTrait:: |
protected | function | Returns the redirect destination service. | |
RedirectDestinationTrait:: |
public | function | Sets the redirect destination service. | |
StringTranslationTrait:: |
protected | property | The string translation service. | 4 |
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |