Chris@0
|
1 <?php
|
Chris@0
|
2
|
Chris@0
|
3 namespace Drupal\user\Authentication\Provider;
|
Chris@0
|
4
|
Chris@0
|
5 use Drupal\Core\Authentication\AuthenticationProviderInterface;
|
Chris@0
|
6 use Drupal\Core\Database\Connection;
|
Chris@0
|
7 use Drupal\Core\Session\AccountInterface;
|
Chris@0
|
8 use Drupal\Core\Session\UserSession;
|
Chris@0
|
9 use Drupal\Core\Session\SessionConfigurationInterface;
|
Chris@0
|
10 use Symfony\Component\HttpFoundation\Request;
|
Chris@0
|
11 use Symfony\Component\HttpFoundation\Session\SessionInterface;
|
Chris@0
|
12
|
Chris@0
|
13 /**
|
Chris@0
|
14 * Cookie based authentication provider.
|
Chris@0
|
15 */
|
Chris@0
|
16 class Cookie implements AuthenticationProviderInterface {
|
Chris@0
|
17
|
Chris@0
|
18 /**
|
Chris@0
|
19 * The session configuration.
|
Chris@0
|
20 *
|
Chris@0
|
21 * @var \Drupal\Core\Session\SessionConfigurationInterface
|
Chris@0
|
22 */
|
Chris@0
|
23 protected $sessionConfiguration;
|
Chris@0
|
24
|
Chris@0
|
25 /**
|
Chris@0
|
26 * The database connection.
|
Chris@0
|
27 *
|
Chris@0
|
28 * @var \Drupal\Core\Database\Connection
|
Chris@0
|
29 */
|
Chris@0
|
30 protected $connection;
|
Chris@0
|
31
|
Chris@0
|
32 /**
|
Chris@0
|
33 * Constructs a new cookie authentication provider.
|
Chris@0
|
34 *
|
Chris@0
|
35 * @param \Drupal\Core\Session\SessionConfigurationInterface $session_configuration
|
Chris@0
|
36 * The session configuration.
|
Chris@0
|
37 * @param \Drupal\Core\Database\Connection $connection
|
Chris@0
|
38 * The database connection.
|
Chris@0
|
39 */
|
Chris@0
|
40 public function __construct(SessionConfigurationInterface $session_configuration, Connection $connection) {
|
Chris@0
|
41 $this->sessionConfiguration = $session_configuration;
|
Chris@0
|
42 $this->connection = $connection;
|
Chris@0
|
43 }
|
Chris@0
|
44
|
Chris@0
|
45 /**
|
Chris@0
|
46 * {@inheritdoc}
|
Chris@0
|
47 */
|
Chris@0
|
48 public function applies(Request $request) {
|
Chris@0
|
49 return $request->hasSession() && $this->sessionConfiguration->hasSession($request);
|
Chris@0
|
50 }
|
Chris@0
|
51
|
Chris@0
|
52 /**
|
Chris@0
|
53 * {@inheritdoc}
|
Chris@0
|
54 */
|
Chris@0
|
55 public function authenticate(Request $request) {
|
Chris@0
|
56 return $this->getUserFromSession($request->getSession());
|
Chris@0
|
57 }
|
Chris@0
|
58
|
Chris@0
|
59 /**
|
Chris@0
|
60 * Returns the UserSession object for the given session.
|
Chris@0
|
61 *
|
Chris@0
|
62 * @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
|
Chris@0
|
63 * The session.
|
Chris@0
|
64 *
|
Chris@0
|
65 * @return \Drupal\Core\Session\AccountInterface|null
|
Chris@0
|
66 * The UserSession object for the current user, or NULL if this is an
|
Chris@0
|
67 * anonymous session.
|
Chris@0
|
68 */
|
Chris@0
|
69 protected function getUserFromSession(SessionInterface $session) {
|
Chris@0
|
70 if ($uid = $session->get('uid')) {
|
Chris@0
|
71 // @todo Load the User entity in SessionHandler so we don't need queries.
|
Chris@0
|
72 // @see https://www.drupal.org/node/2345611
|
Chris@0
|
73 $values = $this->connection
|
Chris@0
|
74 ->query('SELECT * FROM {users_field_data} u WHERE u.uid = :uid AND u.default_langcode = 1', [':uid' => $uid])
|
Chris@0
|
75 ->fetchAssoc();
|
Chris@0
|
76
|
Chris@0
|
77 // Check if the user data was found and the user is active.
|
Chris@0
|
78 if (!empty($values) && $values['status'] == 1) {
|
Chris@0
|
79 // Add the user's roles.
|
Chris@0
|
80 $rids = $this->connection
|
Chris@0
|
81 ->query('SELECT roles_target_id FROM {user__roles} WHERE entity_id = :uid', [':uid' => $values['uid']])
|
Chris@0
|
82 ->fetchCol();
|
Chris@0
|
83 $values['roles'] = array_merge([AccountInterface::AUTHENTICATED_ROLE], $rids);
|
Chris@0
|
84
|
Chris@0
|
85 return new UserSession($values);
|
Chris@0
|
86 }
|
Chris@0
|
87 }
|
Chris@0
|
88
|
Chris@0
|
89 // This is an anonymous session.
|
Chris@0
|
90 return NULL;
|
Chris@0
|
91 }
|
Chris@0
|
92
|
Chris@0
|
93 }
|