View source
<?php
namespace Drupal\tfa;
use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\user\UserDataInterface;
use Drupal\user\UserInterface;
use Symfony\Component\HttpFoundation\Request;
class TfaContext implements TfaContextInterface {
use TfaDataTrait;
use TfaLoginTrait;
protected $tfaValidationManager;
protected $tfaLoginManager;
protected $validationPluginName;
protected $tfaValidationPlugin;
protected $tfaSettings;
protected $user;
protected $userData;
protected $request;
protected $userLoginPlugins;
protected $tfaLoginPlugins;
public function __construct(TfaValidationPluginManager $tfa_validation_manager, TfaLoginPluginManager $tfa_plugin_manager, ConfigFactoryInterface $config_factory, UserInterface $user, UserDataInterface $user_data, Request $request) {
$this->tfaValidationManager = $tfa_validation_manager;
$this->tfaLoginManager = $tfa_plugin_manager;
$this->tfaSettings = $config_factory
->get('tfa.settings');
$this->user = $user;
$this->userData = $user_data;
$this->request = $request;
$this->tfaLoginPlugins = $this->tfaLoginManager
->getPlugins([
'uid' => $user
->id(),
]);
$this->validationPluginName = $this->tfaSettings
->get('default_validation_plugin');
if (!empty($this->validationPluginName)) {
$this->tfaValidationPlugin = $this->tfaValidationManager
->createInstance($this->validationPluginName, [
'uid' => $user
->id(),
]);
$this->userLoginPlugins = $this->tfaLoginManager
->getPlugins([
'uid' => $user
->id(),
]);
}
}
public function getUser() {
return $this->user;
}
public function isModuleSetup() {
return intval($this->tfaSettings
->get('enabled')) && !empty($this->validationPluginName);
}
public function isTfaRequired() {
$user_tfa_data = $this
->tfaGetTfaData($this
->getUser()
->id(), $this->userData);
if (!empty($user_tfa_data['status']) && !empty($user_tfa_data['data']['plugins'])) {
return TRUE;
}
$required_roles = array_filter($this->tfaSettings
->get('required_roles'));
$user_roles = $this
->getUser()
->getRoles();
return (bool) array_intersect($required_roles, $user_roles);
}
public function isReady() {
return isset($this->tfaValidationPlugin) && $this->tfaValidationPlugin
->ready();
}
public function remainingSkips() {
$allowed_skips = intval($this->tfaSettings
->get('validation_skip'));
if (!$allowed_skips) {
return FALSE;
}
$user_tfa_data = $this
->tfaGetTfaData($this
->getUser()
->id(), $this->userData);
$validation_skipped = isset($user_tfa_data['validation_skipped']) ? $user_tfa_data['validation_skipped'] : 0;
return max(0, $allowed_skips - $validation_skipped);
}
public function hasSkipped() {
$user_tfa_data = $this
->tfaGetTfaData($this
->getUser()
->id(), $this->userData);
$validation_skipped = isset($user_tfa_data['validation_skipped']) ? $user_tfa_data['validation_skipped'] : 0;
$user_tfa_data['validation_skipped'] = $validation_skipped + 1;
$this
->tfaSaveTfaData($this
->getUser()
->id(), $this->userData, $user_tfa_data);
}
public function pluginAllowsLogin() {
if (!empty($this->tfaLoginPlugins)) {
foreach ($this->tfaLoginPlugins as $plugin) {
if ($plugin
->loginAllowed()) {
return TRUE;
}
}
}
return FALSE;
}
public function doUserLogin() {
user_login_finalize($this
->getUser());
}
}