Mercurial > hg > isophonics-drupal-site
comparison core/modules/user/src/Controller/UserController.php @ 17:129ea1e6d783
Update, including to Drupal core 8.6.10
| author | Chris Cannam |
|---|---|
| date | Thu, 28 Feb 2019 13:21:36 +0000 |
| parents | c2387f117808 |
| children | af1871eacc83 |
comparison
equal
deleted
inserted
replaced
| 16:c2387f117808 | 17:129ea1e6d783 |
|---|---|
| 118 } | 118 } |
| 119 // A different user is already logged in on the computer. | 119 // A different user is already logged in on the computer. |
| 120 else { | 120 else { |
| 121 /** @var \Drupal\user\UserInterface $reset_link_user */ | 121 /** @var \Drupal\user\UserInterface $reset_link_user */ |
| 122 if ($reset_link_user = $this->userStorage->load($uid)) { | 122 if ($reset_link_user = $this->userStorage->load($uid)) { |
| 123 drupal_set_message($this->t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href=":logout">log out</a> and try using the link again.', | 123 $this->messenger() |
| 124 ['%other_user' => $account->getUsername(), '%resetting_user' => $reset_link_user->getUsername(), ':logout' => $this->url('user.logout')]), 'warning'); | 124 ->addWarning($this->t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href=":logout">log out</a> and try using the link again.', |
| 125 [ | |
| 126 '%other_user' => $account->getUsername(), | |
| 127 '%resetting_user' => $reset_link_user->getUsername(), | |
| 128 ':logout' => $this->url('user.logout'), | |
| 129 ])); | |
| 125 } | 130 } |
| 126 else { | 131 else { |
| 127 // Invalid one-time link specifies an unknown user. | 132 // Invalid one-time link specifies an unknown user. |
| 128 drupal_set_message($this->t('The one-time login link you clicked is invalid.'), 'error'); | 133 $this->messenger()->addError($this->t('The one-time login link you clicked is invalid.')); |
| 129 } | 134 } |
| 130 return $this->redirect('<front>'); | 135 return $this->redirect('<front>'); |
| 131 } | 136 } |
| 132 } | 137 } |
| 133 | 138 |
| 216 | 221 |
| 217 // Time out, in seconds, until login URL expires. | 222 // Time out, in seconds, until login URL expires. |
| 218 $timeout = $this->config('user.settings')->get('password_reset_timeout'); | 223 $timeout = $this->config('user.settings')->get('password_reset_timeout'); |
| 219 // No time out for first time login. | 224 // No time out for first time login. |
| 220 if ($user->getLastLoginTime() && $current - $timestamp > $timeout) { | 225 if ($user->getLastLoginTime() && $current - $timestamp > $timeout) { |
| 221 drupal_set_message($this->t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'), 'error'); | 226 $this->messenger()->addError($this->t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.')); |
| 222 return $this->redirect('user.pass'); | 227 return $this->redirect('user.pass'); |
| 223 } | 228 } |
| 224 elseif ($user->isAuthenticated() && ($timestamp >= $user->getLastLoginTime()) && ($timestamp <= $current) && Crypt::hashEquals($hash, user_pass_rehash($user, $timestamp))) { | 229 elseif ($user->isAuthenticated() && ($timestamp >= $user->getLastLoginTime()) && ($timestamp <= $current) && Crypt::hashEquals($hash, user_pass_rehash($user, $timestamp))) { |
| 225 user_login_finalize($user); | 230 user_login_finalize($user); |
| 226 $this->logger->notice('User %name used one-time login link at time %timestamp.', ['%name' => $user->getDisplayName(), '%timestamp' => $timestamp]); | 231 $this->logger->notice('User %name used one-time login link at time %timestamp.', ['%name' => $user->getDisplayName(), '%timestamp' => $timestamp]); |
| 227 drupal_set_message($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.')); | 232 $this->messenger()->addStatus($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.')); |
| 228 // Let the user's password be changed without the current password | 233 // Let the user's password be changed without the current password |
| 229 // check. | 234 // check. |
| 230 $token = Crypt::randomBytesBase64(55); | 235 $token = Crypt::randomBytesBase64(55); |
| 231 $_SESSION['pass_reset_' . $user->id()] = $token; | 236 $_SESSION['pass_reset_' . $user->id()] = $token; |
| 232 return $this->redirect( | 237 return $this->redirect( |
| 237 'absolute' => TRUE, | 242 'absolute' => TRUE, |
| 238 ] | 243 ] |
| 239 ); | 244 ); |
| 240 } | 245 } |
| 241 | 246 |
| 242 drupal_set_message($this->t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'), 'error'); | 247 $this->messenger()->addError($this->t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.')); |
| 243 return $this->redirect('user.pass'); | 248 return $this->redirect('user.pass'); |
| 244 } | 249 } |
| 245 | 250 |
| 246 /** | 251 /** |
| 247 * Redirects users to their profile page. | 252 * Redirects users to their profile page. |
| 266 * @return string|array | 271 * @return string|array |
| 267 * The user account name as a render array or an empty string if $user is | 272 * The user account name as a render array or an empty string if $user is |
| 268 * NULL. | 273 * NULL. |
| 269 */ | 274 */ |
| 270 public function userTitle(UserInterface $user = NULL) { | 275 public function userTitle(UserInterface $user = NULL) { |
| 271 return $user ? ['#markup' => $user->getUsername(), '#allowed_tags' => Xss::getHtmlTagList()] : ''; | 276 return $user ? ['#markup' => $user->getDisplayName(), '#allowed_tags' => Xss::getHtmlTagList()] : ''; |
| 272 } | 277 } |
| 273 | 278 |
| 274 /** | 279 /** |
| 275 * Logs the current user out. | 280 * Logs the current user out. |
| 276 * | 281 * |
| 313 // needs to be invoked manually and should redirect to the front page | 318 // needs to be invoked manually and should redirect to the front page |
| 314 // after completion. | 319 // after completion. |
| 315 return batch_process('<front>'); | 320 return batch_process('<front>'); |
| 316 } | 321 } |
| 317 else { | 322 else { |
| 318 drupal_set_message(t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.'), 'error'); | 323 $this->messenger()->addError($this->t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.')); |
| 319 return $this->redirect('entity.user.cancel_form', ['user' => $user->id()], ['absolute' => TRUE]); | 324 return $this->redirect('entity.user.cancel_form', ['user' => $user->id()], ['absolute' => TRUE]); |
| 320 } | 325 } |
| 321 } | 326 } |
| 322 throw new AccessDeniedHttpException(); | 327 throw new AccessDeniedHttpException(); |
| 323 } | 328 } |