You are here

public function UserEmailVerificationVerify::verify in User email verification 8

Callback to handle user's Email verification.

Parameters

int $uid: User ID to verify email for.

int $timestamp: The timestamp when verification link was generated.

string $hashed_pass: Hashed pass.

1 string reference to 'UserEmailVerificationVerify::verify'
user_email_verification.routing.yml in ./user_email_verification.routing.yml
user_email_verification.routing.yml

File

src/Controller/UserEmailVerificationVerify.php, line 78

Class

UserEmailVerificationVerify
Email verificationVerify controller.

Namespace

Drupal\user_email_verification\Controller

Code

public function verify($uid, $timestamp, $hashed_pass) {
  $uid = (int) $uid;
  $timestamp = (int) $timestamp;
  $timeout = $this->userEmailVerification
    ->getValidateInterval();
  $current = $this->time
    ->getRequestTime();

  // User tries to use verification link that was expired.
  if ($current - $timestamp > $timeout) {
    $this
      ->messenger()
      ->addError($this
      ->t('Your verification link was expired. Request a new one using the form below.'));
    return $this
      ->redirect('user_email_verification.request');
  }
  $verification = $this->userEmailVerification
    ->loadVerificationByUserId($uid);

  // User tries to use verification link that doesn't belong to him
  // or link was created for user which doesn't exist.
  if ($this
    ->currentUser()
    ->isAuthenticated() && $this
    ->currentUser()
    ->id() != $uid || !$verification) {
    $this
      ->messenger()
      ->addError($this
      ->t('Your verification link is incorrect. Request a new one using the form below.'));
    return $this
      ->redirect('user_email_verification.request');
  }

  // Email for requested user was already verified.
  if ($verification['verified']) {
    $this
      ->messenger()
      ->addStatus($this
      ->t('Email is already verified.'));
    return $this
      ->redirect('<front>');
  }
  $user = $this
    ->entityTypeManager()
    ->getStorage('user')
    ->load($uid);

  // User exists and requested hash is correct.
  if ($user instanceof UserInterface && $hashed_pass === $this->userEmailVerification
    ->buildHmac($user
    ->id(), $timestamp)) {
    $this->userEmailVerification
      ->setEmailVerifiedByUserId($user
      ->id());
    $this
      ->messenger()
      ->addStatus($this
      ->t('Thank you for verifying your Email address.'));
    $event = new UserEmailVerificationVerifyEvent($user, $user
      ->isBlocked());
    $this->eventDispatcher
      ->dispatch(UserEmailVerificationEvents::VERIFY, $event);

    // If the user is considered as blocked, notify the administrator and the
    // user. After it redirect to the front page.
    if ($event
      ->notifyAsBlocked()) {
      $this->userEmailVerification
        ->sendVerifyBlockedMail($user);
      $this
        ->messenger()
        ->addWarning($this
        ->t('Your account has been blocked before the verification of the Email. An administrator will make an audit and unblock your account if the reason for the blocking was the Email verification.'));
      return $this
        ->redirect('<front>');
    }
    elseif ($this
      ->currentUser()
      ->isAuthenticated()) {
      return $this
        ->redirect('entity.user.canonical', [
        'user' => $this
          ->currentUser()
          ->id(),
      ]);
    }
    else {
      return $this
        ->redirect('<front>');
    }
  }
  $this
    ->messenger()
    ->addError($this
    ->t('Your verification link is incorrect. Request a new one using the form below.'));
  return $this
    ->redirect('user_email_verification.request');
}