
class UrlloginController in urllogin 8

Same name and namespace in other branches
  1. 2.x src/Controller/UrlloginController.php \Drupal\urllogin\Controller\UrlloginController

Controller routines for urllogin routes.

@todo Add option to export csv with First Name and Last Name fields

Hierarchy

Expanded class hierarchy of UrlloginController

File

src/Controller/UrlloginController.php, line 18

Namespace

Drupal\urllogin\Controller
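class UrlloginController extends ControllerBase {

  /**
   * Diagnostic test page for setting up urllogin urls.
   *
   * Decodes the login string and reports the outcome as a list. Nobody is
   * logged in by this page.
   *
   * @param string $urlstring
   *   Login string from URL.
   * @param string $dest
   *   Optional destination URL. Not read here: the destination is taken from
   *   the current path.
   *
   * @return array
   *   Render array containing the test results.
   */
  public function linkTest($urlstring = 'none', $dest = '') {
    module_load_include('inc', 'urllogin', 'urllogin_security');

    // Html::escape() is output encoding, not validation. It is needed for the
    // markup below; the decoder is still given the escaped form, as before,
    // because its handling of raw input is not visible from this class.
    $urlstr = Html::escape($urlstring);
    $page = "<ul><li>Initial URL string = [{$urlstr}]</li>";
    $resultmsg = "";
    $user = User::load(\Drupal::currentUser()->id());

    // NOTE(review): this page reads 'urllogin.codekey' / 'urllogin.codemin'
    // while login() and userList() read 'codekey' / 'codemin' from the same
    // config object. Confirm against the config schema which pair is right;
    // otherwise the diagnostic validates with different values than the real
    // login does.
    $config = $this->config('urllogin.settings');
    $codekey = $config->get('urllogin.codekey');
    $codemin = $config->get('urllogin.codemin');
    $uid = urllogin_decode($urlstr, $codekey, $codemin, urllogin_passphrase(), $resultmsg, $user->get('uid')->value);
    $account = ($uid > -1) ? urllogin_testuid($uid, $resultmsg) : NULL;

    if ($account != NULL) {
      $goto = $this->describeDestination($this->destinationSegments());
      $placeholders = [
        '%username' => $account->get('name')->value,
        '%uid' => $uid,
        '%goto' => $goto,
      ];

      // Check in case this user is already logged in.
      if ((int) $user->get('uid')->value === (int) $uid) {
        $resultmsg = t('User %username (%uid) was already logged in. Redirected to: %goto', $placeholders);
        \Drupal::logger('urllogin')->notice($resultmsg);
      }
      else {
        $resultmsg = t('Logging in as %username (%uid). Redirected to: %goto', $placeholders);
      }

      // $goto comes from the request path and query string, so it is escaped
      // before it is placed into markup.
      $page .= '<li>' . $this->messageAsHtml($resultmsg) . '</li><li>goto: ' . Html::escape($goto) . '</li></ul>';
    }
    else {
      // Report why the string was rejected and close the list, which was
      // previously left open on this path.
      $page .= '<li>' . $this->messageAsHtml($resultmsg) . '</li></ul>';
    }

    return ['#markup' => $page];
  }

  /**
   * Displays status page.
   *
   * Displays the status page and allows a URL string to be generated for
   * test purposes.
   *
   * Security: the page prints the passphrase and the validation numbers and
   * produces a login string for whichever UID is given in the URL, so anyone
   * who can view it can obtain a login link for that account. The route's
   * access requirement is not visible from this class; it has to be limited
   * to fully trusted administrators.
   *
   * @param int $testuid
   *   Optional UID for generating a test URL login string.
   *
   * @return array
   *   Render array containing the settings and the generated test string.
   */
  public function status($testuid = 0) {
    module_load_include('inc', 'urllogin', 'urllogin_security');

    // NOTE(review): same config-key question as in linkTest(): these are
    // 'urllogin.codekey' / 'urllogin.codemin', login() uses 'codekey' /
    // 'codemin'.
    $config = $this->config('urllogin.settings');
    $codekey = $config->get('urllogin.codekey');
    $codemin = $config->get('urllogin.codemin');

    // The integer cast is the validation: anything non-numeric becomes 0.
    $uid = (int) $testuid;
    $passphrase = urllogin_passphrase();
    $urlstr = urllogin_encode($uid, $codekey, $passphrase);

    $page = '<ul>';
    $page .= t('<li>Test UID: @uid </li>', [
      '@uid' => $uid,
    ]);
    $page .= t('<li>Passphrase: @passphrase</li>', [
      '@passphrase' => $passphrase,
    ]);
    $page .= t('<li>Current Validation number: @codekey .</li>', [
      '@codekey' => $codekey,
    ]);
    $page .= t('<li>Minimum validation number: @codemin .</li>', [
      '@codemin' => $codemin,
    ]);
    $page .= '<li>' . t('Encoded URL access string: [') . $urlstr . ']</li>';
    $page .= '</ul>';

    $testlink = Link::fromTextAndUrl('l_test/' . $urlstr, Url::fromRoute('urllogin.l_test', [
      'urlstring' => $urlstr,
    ]))->toString();
    $testpage = Link::fromTextAndUrl(t('the test page'), Url::fromRoute('urllogin.l_test'))->toString();
    $page .= t('<p>This page can be used to generate individual access strings for testing purposes.
    Simply add the UID of the user to the end of the url for this page, revisit the page and the
    access string will be displayed above.</p> <p>To test the access string,
    use @testpage by appending the access string to it, e.g.: @testlink.</p>', [
      '@testpage' => $testpage,
      '@testlink' => $testlink,
    ]);

    return ['#markup' => $page];
  }

  /**
   * Link to download of user access URL's as a csv.
   *
   * A theme template file is needed of the page-urllogin-userlist.csv.tpl
   * containing the single line: < ?php print $content; ? >.
   *
   * Security: the file holds a working login URL for every active account
   * that has the 'login via url' permission. Treat it like a password list:
   * the route's access requirement (not visible from this class) must be
   * restricted to trusted administrators, and the download should not be
   * stored or forwarded casually.
   *
   * @todo test whether profile module is installed and if fields are correct
   * @todo look at integrating with content profile module
   *
   * @return \Symfony\Component\HttpFoundation\Response
   *   Response whose body is the comma separated user list.
   */
  public function userList() {
    module_load_include('inc', 'urllogin', 'urllogin_security');
    $config = $this->config('urllogin.settings');
    $codekey = $config->get('codekey');
    $passphrase = urllogin_passphrase();
    $thissite = \Drupal::request()->getSchemeAndHttpHost();
    $destination = '/' . $config->get('destination');
    $output = "UID, Username, Email, Login URL \n";

    // Tell browser this is not a web page but a file to download.
    $response = new Response();
    $response->headers->set('Content-type', 'text/csv; charset=utf-8');
    $response->headers->set('Content-Disposition', 'inline; filename="userlist.csv"');

    // Load user object for active accounts.
    $ids = \Drupal::entityQuery('user')
      ->condition('status', 1)
      ->execute();

    // Generate each row in CSV file.
    foreach (User::loadMultiple($ids) as $data) {
      // Only users who have permission to login via url get a row.
      if (!$data->hasPermission('login via url')) {
        continue;
      }
      $urlstr = $thissite . '/l/' . urllogin_encode($data->uid->value, $codekey, $passphrase) . $destination;

      // User names and mail addresses are chosen by the account holders, so
      // every field is quoted and neutralised before it enters the file.
      $row = [
        $data->uid->value,
        $data->name->value,
        $data->mail->value,
        $urlstr,
      ];
      $output .= implode(',', array_map([$this, 'csvField'], $row)) . "\r\n";
    }

    // The body is already a plain string, so it is set directly instead of
    // being passed through render().
    $response->setContent($output);
    return $response;
  }

  /**
   * Returns a render-able array for a test page.
   */
  public function content() {
    return [
      '#markup' => $this->t('Hello World!'),
    ];
  }

  /**
   * This is the function that actually performs the login.
   *
   * The function first validates the URL login string. If good, then the user
   * is logged in and transferred to the destination page. Otherwise they are
   * taken to the front page, or shown an expiry notice when the decoder
   * returns -2. Results, good or bad, are logged. According to the original
   * documentation, if the intended user is already logged in, then the
   * redirect will occur even if the link is outdated.
   *
   * NOTE(review): the login string travels in the URL path, so it can end up
   * in server access logs, browser history and Referer headers, and no flood
   * control on failed attempts is visible in this method. Confirm that the
   * decoder's expiry settings and the site's rate limiting cover this.
   *
   * @param string $urlstring
   *   Login string from URL.
   * @param string $arg
   *   Not read here: the destination is taken from the current path.
   *
   * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
   *   Redirect to the destination or the front page, or a render array with
   *   the expiry notice.
   */
  public function login($urlstring = 'none', $arg = NULL) {
    module_load_include('inc', 'urllogin', 'urllogin_security');

    // Html::escape() is output encoding rather than validation; the escaped
    // form is what the decoder has always been given, so that is unchanged.
    $urlstr = Html::escape($urlstring);
    $resultmsg = "";
    $user = User::load(\Drupal::currentUser()->id());
    $config = $this->config('urllogin.settings');
    $codekey = $config->get('codekey');
    $codemin = $config->get('codemin');
    $uid = urllogin_decode($urlstr, $codekey, $codemin, urllogin_passphrase(), $resultmsg, $user->get('uid')->value);
    $account = ($uid > -1) ? urllogin_testuid($uid, $resultmsg) : NULL;

    $logger = \Drupal::logger('urllogin');
    $logger->debug($resultmsg);

    if ($account != NULL) {
      $args = $this->destinationSegments();
      $goto = $this->describeDestination($args);

      // Check in case this user is already logged in.
      $logged_in = (int) $user->get('uid')->value === (int) $uid;
      if ($logged_in) {
        // The name is read as a field value, as linkTest() does; passing the
        // field object itself to t() does not yield the user name.
        $resultmsg = t('User %username (%uid) was already logged in. Redirected to: %goto', [
          '%username' => $account->get('name')->value,
          '%uid' => $uid,
          '%goto' => $goto,
        ]);
      }
      else {
        $account = User::load($uid);

        // Log in user. This function called by user_login_submit() which does
        // stuff that is not needed.
        user_login_finalize($account);

        // Verify that the session now really belongs to the intended user.
        $user = User::load(\Drupal::currentUser()->id());
        $logged_in = (int) $user->get('uid')->value === (int) $uid;
        if ($logged_in) {
          $resultmsg = t('Logging in as %username (%uid). Redirected to: %goto', [
            '%username' => $account->get('name')->value,
            '%uid' => $uid,
            '%goto' => $goto,
          ]);

          // If persistent_login is installed, then set "remember me". The
          // helper is only called when the installed version provides it.
          if (\Drupal::moduleHandler()->moduleExists('persistent_login') && function_exists('_persistent_login_create_cookie')) {
            _persistent_login_create_cookie($account);
          }
        }
        else {
          $resultmsg = t('Failed login as %username (%uid)', [
            '%username' => $account->get('name')->value,
            '%uid' => $uid,
          ]);
        }
      }

      if ($logged_in) {
        $logger->notice($resultmsg);

        // Return the redirect instead of calling send() on it: sending from
        // inside the controller bypassed the kernel's response handling and
        // then fell through to a second redirect to the front page.
        // Url::fromUserInput() treats the value as a site-internal path.
        return new RedirectResponse(Url::fromUserInput('/' . implode('/', $args))->toString());
      }
    }

    // Logs a notice for every outcome that did not end in a redirect above.
    $logger->notice($resultmsg);
    if ($uid == -2) {
      return [
        '#markup' => '<h1>' . t('The link you used to access this page has expired.') . '</h1>' . '<p>' . t('If you have created a password, you can log on') . ' ' . Link::fromTextAndUrl(t('here'), Url::fromRoute('user.login'))->toString() . '.</p>',
      ];
    }
    return $this->redirect('<front>');
  }

  /**
   * Returns the path segments that follow the login string in the URL.
   *
   * The leading empty segment, the route prefix and the login string itself
   * are dropped; the original numeric keys of the remainder are kept.
   *
   * @return string[]
   *   Remaining path segments of the current request.
   */
  private function destinationSegments() {
    $args = explode('/', \Drupal::service('path.current')->getPath());
    unset($args[0], $args[1], $args[2]);
    return $args;
  }

  /**
   * Builds the destination text used in log and diagnostic messages.
   *
   * @param string[] $args
   *   Path segments as returned by destinationSegments().
   *
   * @return string
   *   Destination path without leading slash, followed by the request's query
   *   string when there is one. The value is request-derived and unescaped.
   */
  private function describeDestination(array $args) {
    $goto = implode('/', $args);

    // Maintain the original query string. http_build_query() keeps the
    // parameter names and encodes nested values; joining the values alone
    // dropped the names.
    $query = \Drupal::request()->query->all();
    unset($query['q']);
    if (count($query) > 0) {
      $goto .= '?' . http_build_query($query);
    }
    return $goto;
  }

  /**
   * Returns a message in a form that is safe to concatenate into markup.
   *
   * @param mixed $message
   *   Result of t() or a plain string set by the decoder.
   *
   * @return string
   *   The message unchanged when it is already safe markup, escaped otherwise.
   */
  private function messageAsHtml($message) {
    if ($message instanceof \Drupal\Component\Render\MarkupInterface) {
      return (string) $message;
    }
    return Html::escape((string) $message);
  }

  /**
   * Prepares one value for use as a field in the exported CSV file.
   *
   * @param mixed $value
   *   Raw field value.
   *
   * @return string
   *   The value, quoted when it contains a separator, quote or line break.
   */
  private function csvField($value) {
    $value = (string) $value;

    // Spreadsheet applications may evaluate a cell that starts with one of
    // these characters as a formula; a leading apostrophe keeps it as text.
    // Consumers that parse the file mechanically will see that apostrophe.
    if ($value !== '' && strpbrk($value[0], "=+-@\t\r") !== FALSE) {
      $value = "'" . $value;
    }
    if (strpbrk($value, ",\"\r\n") !== FALSE) {
      $value = '"' . str_replace('"', '""', $value) . '"';
    }
    return $value;
  }

}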

Members

Name Modifiers Type Description Overrides
ControllerBase::$configFactory protected property The configuration factory.
ControllerBase::$currentUser protected property The current user service. 1
ControllerBase::$entityFormBuilder protected property The entity form builder.
ControllerBase::$entityManager protected property The entity manager.
ControllerBase::$entityTypeManager protected property The entity type manager.
ControllerBase::$formBuilder protected property The form builder. 2
ControllerBase::$keyValue protected property The key-value storage. 1
ControllerBase::$languageManager protected property The language manager. 1
ControllerBase::$moduleHandler protected property The module handler. 2
ControllerBase::$stateService protected property The state service.
ControllerBase::cache protected function Returns the requested cache bin.
ControllerBase::config protected function Retrieves a configuration object.
ControllerBase::container private function Returns the service container.
ControllerBase::create public static function Instantiates a new instance of this class. Overrides ContainerInjectionInterface::create 40
ControllerBase::currentUser protected function Returns the current user. 1
ControllerBase::entityFormBuilder protected function Retrieves the entity form builder.
ControllerBase::entityManager Deprecated protected function Retrieves the entity manager service.
ControllerBase::entityTypeManager protected function Retrieves the entity type manager.
ControllerBase::formBuilder protected function Returns the form builder service. 2
ControllerBase::keyValue protected function Returns a key/value storage collection. 1
ControllerBase::languageManager protected function Returns the language manager service. 1
ControllerBase::moduleHandler protected function Returns the module handler. 2
ControllerBase::redirect protected function Returns a redirect response object for the specified route. Overrides UrlGeneratorTrait::redirect
ControllerBase::state protected function Returns the state storage service.
LinkGeneratorTrait::$linkGenerator protected property The link generator. 1
LinkGeneratorTrait::getLinkGenerator Deprecated protected function Returns the link generator.
LinkGeneratorTrait::l Deprecated protected function Renders a link to a route given a route name and its parameters.
LinkGeneratorTrait::setLinkGenerator Deprecated public function Sets the link generator service.
LoggerChannelTrait::$loggerFactory protected property The logger channel factory service.
LoggerChannelTrait::getLogger protected function Gets the logger for a specific channel.
LoggerChannelTrait::setLoggerFactory public function Injects the logger channel factory.
MessengerTrait::$messenger protected property The messenger. 29
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
RedirectDestinationTrait::$redirectDestination protected property The redirect destination service. 1
RedirectDestinationTrait::getDestinationArray protected function Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url.
RedirectDestinationTrait::getRedirectDestination protected function Returns the redirect destination service.
RedirectDestinationTrait::setRedirectDestination public function Sets the redirect destination service.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UrlGeneratorTrait::$urlGenerator protected property The url generator.
UrlGeneratorTrait::getUrlGenerator Deprecated protected function Returns the URL generator service.
UrlGeneratorTrait::setUrlGenerator Deprecated public function Sets the URL generator service.
UrlGeneratorTrait::url Deprecated protected function Generates a URL or path for a specific route based on the given parameters.
UrlloginController::content public function Returns a render-able array for a test page.
UrlloginController::linkTest public function Diagnostic test page for setting up urllogin urls.
UrlloginController::login public function This is the function that actually performs the login.
UrlloginController::status public function Displays status page.
UrlloginController::userList public function Link to download of user access URL's as a csv.