<?php |
namespace Sinergi\Users\Authentication; |
use Exception; |
use Interop\Container\ContainerInterface; |
use Psr\Http\Message\ResponseInterface; |
use Sinergi\Users\Container; |
use Sinergi\Users\Session\SessionController; |
use Sinergi\Users\User\UserEntityInterface; |
use Sinergi\Users\User\UserRepositoryInterface; |
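class AuthenticationController
{
    /**
     * Service container; always the package's own Container after construction,
     * because the constructor wraps any foreign ContainerInterface.
     *
     * @var Container
     */
    private $container;

    /**
     * Memoised result of getAuthenticatedUser() for the lifetime of this controller.
     * Declared explicitly so the assignment in getAuthenticatedUser() does not rely on
     * a dynamic property (deprecated since PHP 8.2).
     *
     * @var UserEntityInterface|null
     */
    private $user;

    /**
     * @param ContainerInterface $container wrapped in a Container unless it already is one
     */
    public function __construct(ContainerInterface $container)
    {
        $this->container = $container instanceof Container
            ? $container
            : new Container($container);
    }

    /**
     * Whether the current session resolves to an authenticated user.
     *
     * Any Exception raised while resolving the user, not only an
     * AuthenticationException, is reported as "not authenticated".
     *
     * @return bool
     */
    public function isAuthenticated()
    {
        try {
            $this->getAuthenticatedUser();

            return true;
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Look a user up by email and verify the supplied password.
     *
     * @param array $parameters must carry the keys 'email' and 'password'
     *
     * @return UserEntityInterface
     *
     * @throws AuthenticationException when a key is missing, the email is unknown
     *                                 or the password does not match
     */
    public function getUserByEmailAndPassword(array $parameters)
    {
        // Reject incomplete input before touching the repository rather than
        // passing an undefined index (null) down as the email.
        if (!isset($parameters['email'], $parameters['password'])) {
            throw new AuthenticationException();
        }

        // Same repository call as login(); the previous findOneByEmail() name was
        // not used anywhere else against UserRepositoryInterface.
        $user = $this->getUserRepository()->findByEmail($parameters['email']);

        // Compared against the imported interface (as login() does). The earlier
        // check was against a non-imported UserEntity class, which resolves into
        // this namespace and therefore could never match.
        if ($user instanceof UserEntityInterface && $user->testPassword($parameters['password'])) {
            return $user;
        }

        throw new AuthenticationException();
    }

    /**
     * Verify email/password and open a session for the user.
     *
     * Credentials are checked before the account status is inspected, so a caller
     * without the correct password learns nothing about whether an address belongs
     * to a banned or deleted account; an unknown email and a wrong password also
     * produce the identical 'Invalid credentials' error.
     *
     * @param string $email
     * @param string $password
     * @param bool   $isLongSession forwarded to SessionController::createSession()
     *
     * @return mixed whatever SessionController::createSession() returns (not visible here)
     *
     * @throws AuthenticationException code 1000 bad credentials, 1001 banned account,
     *                                 1002 deleted account, 1003 any other inactive status
     */
    public function login(string $email, string $password, bool $isLongSession = false)
    {
        $user = $this->getUserRepository()->findByEmail($email);

        if (!($user instanceof UserEntityInterface) || !$user->testPassword($password)) {
            throw new AuthenticationException('Invalid credentials', 1000);
        }

        if (!$user->isActive()) {
            switch ($user->getStatus()) {
                case UserEntityInterface::STATUS_BANNED:
                    throw new AuthenticationException('Account banned', 1001);
                case UserEntityInterface::STATUS_DELETED:
                    throw new AuthenticationException('Account deleted', 1002);
                default:
                    throw new AuthenticationException('Account invalid', 1003);
            }
        }

        $sessionController = new SessionController($this->container);

        return $sessionController->createSession($user, $isLongSession);
    }

    /**
     * Delete the current session and emit the 'user.logout' event.
     *
     * NOTE(review): getSessionController() and deleteSession() live on the
     * Container / session controller types, which are not visible here — confirm.
     */
    public function disconnectUser()
    {
        $this->getContainer()->getSessionController()->deleteSession();
        $this->triggerEvent('user.logout');
    }

    /**
     * Resolve the user behind the current session, caching it on first success.
     *
     * NOTE(review): getSession() and getDictionary() are not defined in this class,
     * which declares no parent and uses no trait, so this method (and getPendingUser())
     * will fail at runtime until they are provided. SessionEntity is likewise not
     * imported; as written it resolves to this namespace — confirm the intended class.
     *
     * @return UserEntityInterface presumably; depends on SessionEntity::getUser()
     *
     * @throws AuthenticationException when there is no session, or the session's user
     *                                 has not confirmed their email address
     */
    public function getAuthenticatedUser()
    {
        if (isset($this->user)) {
            return $this->user;
        }

        $session = $this->getSession();

        if ($session instanceof SessionEntity) {
            if (!$session->getUser()->isEmailConfirmed()) {
                // NOTE(review): this message embeds HTML around two dictionary strings.
                // Whatever renders it must treat it as trusted markup, which in turn
                // means the dictionary values must never carry user-controlled text.
                throw new AuthenticationException(
                    $this->getDictionary()
                        ->get('user.authentication.error.email_not_confirmed')
                    . '<br><a href="#" data-action="resend-confirmation-email">' . $this->getDictionary()
                        ->get('user.authentication.error.resend_confirmation_email')
                    . '</a>'
                );
            }

            return $this->user = $session->getUser();
        }

        // Previously a bare Exception; AuthenticationException keeps both failure paths
        // of this method consistent. isAuthenticated()/getUser() catch Exception, so
        // this is compatible provided AuthenticationException extends it — confirm.
        throw new AuthenticationException(
            $this->getDictionary()
                ->get('user.authentication.error.not_authenticated')
        );
    }

    /**
     * The session's user while their email is still unconfirmed.
     *
     * @return bool|UserEntityInterface false when there is no session or the email
     *                                  is already confirmed
     *
     * @deprecated
     */
    public function getPendingUser()
    {
        $session = $this->getSession();

        if (!($session instanceof SessionEntity)) {
            return false;
        }

        $pendingUser = $session->getUser();

        return $pendingUser->isEmailConfirmed() ? false : $pendingUser;
    }

    /**
     * Null-returning counterpart of getAuthenticatedUser(); swallows any Exception.
     *
     * @return UserEntityInterface|null
     */
    public function getUser()
    {
        try {
            return $this->getAuthenticatedUser();
        } catch (Exception $e) {
            return null;
        }
    }

    /**
     * Emit a named event through the container's event emitter.
     *
     * NOTE(review): getEvenementEmitter() is expected on Container — not visible here.
     *
     * @param string $event
     *
     * @return $this
     */
    private function triggerEvent($event)
    {
        $this->getContainer()->getEvenementEmitter()->emit($event);

        return $this;
    }

    /**
     * Accessor for the wrapped container; previously called but never defined.
     *
     * @return Container
     */
    private function getContainer()
    {
        return $this->container;
    }

    /**
     * Resolve the user repository from the container the same way login() did inline;
     * previously called from getUserByEmailAndPassword() but never defined.
     *
     * @return UserRepositoryInterface
     */
    private function getUserRepository()
    {
        return $this->container->get(UserRepositoryInterface::class);
    }
}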