annotate core/modules/user/src/Authentication/Provider/Cookie.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents 4c8ae668cc8c
children
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\user\Authentication\Provider;
Chris@0 4
Chris@0 5 use Drupal\Core\Authentication\AuthenticationProviderInterface;
Chris@0 6 use Drupal\Core\Database\Connection;
Chris@0 7 use Drupal\Core\Session\AccountInterface;
Chris@0 8 use Drupal\Core\Session\UserSession;
Chris@0 9 use Drupal\Core\Session\SessionConfigurationInterface;
Chris@0 10 use Symfony\Component\HttpFoundation\Request;
Chris@0 11 use Symfony\Component\HttpFoundation\Session\SessionInterface;
Chris@0 12
Chris@0 13 /**
Chris@0 14 * Cookie based authentication provider.
Chris@0 15 */
Chris@0 16 class Cookie implements AuthenticationProviderInterface {
Chris@0 17
Chris@0 18 /**
Chris@0 19 * The session configuration.
Chris@0 20 *
Chris@0 21 * @var \Drupal\Core\Session\SessionConfigurationInterface
Chris@0 22 */
Chris@0 23 protected $sessionConfiguration;
Chris@0 24
Chris@0 25 /**
Chris@0 26 * The database connection.
Chris@0 27 *
Chris@0 28 * @var \Drupal\Core\Database\Connection
Chris@0 29 */
Chris@0 30 protected $connection;
Chris@0 31
Chris@0 32 /**
Chris@0 33 * Constructs a new cookie authentication provider.
Chris@0 34 *
Chris@0 35 * @param \Drupal\Core\Session\SessionConfigurationInterface $session_configuration
Chris@0 36 * The session configuration.
Chris@0 37 * @param \Drupal\Core\Database\Connection $connection
Chris@0 38 * The database connection.
Chris@0 39 */
Chris@0 40 public function __construct(SessionConfigurationInterface $session_configuration, Connection $connection) {
Chris@0 41 $this->sessionConfiguration = $session_configuration;
Chris@0 42 $this->connection = $connection;
Chris@0 43 }
Chris@0 44
Chris@0 45 /**
Chris@0 46 * {@inheritdoc}
Chris@0 47 */
Chris@0 48 public function applies(Request $request) {
Chris@0 49 return $request->hasSession() && $this->sessionConfiguration->hasSession($request);
Chris@0 50 }
Chris@0 51
Chris@0 52 /**
Chris@0 53 * {@inheritdoc}
Chris@0 54 */
Chris@0 55 public function authenticate(Request $request) {
Chris@0 56 return $this->getUserFromSession($request->getSession());
Chris@0 57 }
Chris@0 58
Chris@0 59 /**
Chris@0 60 * Returns the UserSession object for the given session.
Chris@0 61 *
Chris@0 62 * @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
Chris@0 63 * The session.
Chris@0 64 *
Chris@0 65 * @return \Drupal\Core\Session\AccountInterface|null
Chris@0 66 * The UserSession object for the current user, or NULL if this is an
Chris@0 67 * anonymous session.
Chris@0 68 */
Chris@0 69 protected function getUserFromSession(SessionInterface $session) {
Chris@0 70 if ($uid = $session->get('uid')) {
Chris@0 71 // @todo Load the User entity in SessionHandler so we don't need queries.
Chris@0 72 // @see https://www.drupal.org/node/2345611
Chris@0 73 $values = $this->connection
Chris@0 74 ->query('SELECT * FROM {users_field_data} u WHERE u.uid = :uid AND u.default_langcode = 1', [':uid' => $uid])
Chris@0 75 ->fetchAssoc();
Chris@0 76
Chris@0 77 // Check if the user data was found and the user is active.
Chris@0 78 if (!empty($values) && $values['status'] == 1) {
Chris@0 79 // Add the user's roles.
Chris@0 80 $rids = $this->connection
Chris@0 81 ->query('SELECT roles_target_id FROM {user__roles} WHERE entity_id = :uid', [':uid' => $values['uid']])
Chris@0 82 ->fetchCol();
Chris@0 83 $values['roles'] = array_merge([AccountInterface::AUTHENTICATED_ROLE], $rids);
Chris@0 84
Chris@0 85 return new UserSession($values);
Chris@0 86 }
Chris@0 87 }
Chris@0 88
Chris@0 89 // This is an anonymous session.
Chris@0 90 return NULL;
Chris@0 91 }
Chris@0 92
Chris@0 93 }