Source of file RegisterHandler.php
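<?php

namespace Registration\Security\MemberAuthenticator;

use SilverStripe\Control\Controller;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Control\HTTPResponse;
use SilverStripe\Control\RequestHandler;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\ValidationException;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator\MemberLoginForm;
use SilverStripe\Security\Security;

/**
 * Handles registration requests submitted through MemberRegistrationForm:
 * renders the form, creates the Member record, logs the new member in and
 * redirects the browser.
 *
 * NOTE(review): a successful registration is logged in immediately by
 * doRegister(); no e-mail or identity confirmation step is visible in this
 * class. 'confirm' is listed in $allowed_actions but no confirm() method is
 * defined here - presumably an extension supplies it; verify.
 */
class RegisterHandler extends RequestHandler
{
    /**
     * @var Authenticator
     */
    protected $authenticator;

    /**
     * Routes the bare handler URL to register().
     *
     * @var array
     */
    private static $url_handlers = [
        '' => 'register',
    ];

    /**
     * Actions that may be invoked through a URL.
     *
     * @var array
     * @config
     */
    private static $allowed_actions = [
        'register',
        'RegisterForm',
        'confirm',
    ];

    /**
     * Link to this handler
     *
     * @var string
     */
    protected $link = null;

    /**
     * NOTE(review): MemberAuthenticator is not imported, so the type hint
     * resolves inside this namespace (Registration\Security\MemberAuthenticator)
     * - confirm that class exists there.
     *
     * @param string $link The URL to recreate this request handler
     * @param MemberAuthenticator $authenticator The authenticator to use
     */
    public function __construct($link, MemberAuthenticator $authenticator)
    {
        $this->link = $link;
        $this->authenticator = $authenticator;
        parent::__construct();
    }

    /**
     * Return a link to this request handler.
     * The link returned is built from the one supplied in the constructor;
     * extensions may rewrite it through the 'updateLink' hook.
     *
     * @param null|string $action
     * @return string
     */
    public function Link($action = null)
    {
        $link = Controller::join_links($this->link, $action);
        $this->extend('updateLink', $link, $action);

        return $link;
    }

    /**
     * URL handler for the registration screen.
     *
     * @return array Template data holding the registration form under 'Form'
     */
    public function register()
    {
        return [
            'Form' => $this->registerForm(),
        ];
    }

    /**
     * Build the registration form bound to this handler.
     *
     * @skipUpgrade
     * @return MemberRegistrationForm
     */
    public function registerForm()
    {
        return MemberRegistrationForm::create(
            $this,
            get_class($this->authenticator),
            'RegisterForm'
        );
    }

    /**
     * Registration form handler.
     *
     * Creates a Member from the submitted form, writes it, and on success logs
     * the member in and redirects. On failure the validation messages are
     * stored on the form and the browser is sent back to it.
     *
     * Extension hooks fired: 'beforeRegistration', then either
     * 'afterRegistration' (with the member) or 'failedRegistration'.
     *
     * @param array $data Submitted data
     * @param MemberRegistrationForm $form
     * @param HTTPRequest $request
     * @return HTTPResponse
     */
    public function doRegister($data, MemberRegistrationForm $form, HTTPRequest $request)
    {
        $this->extend('beforeRegistration');

        $member = Member::create();
        // NOTE(review): saveInto() copies submitted form values onto the new
        // Member. Which properties a visitor can set is decided by the field
        // list of MemberRegistrationForm (not shown here) - make sure it holds
        // no group, permission or other privileged fields.
        $form->saveInto($member);

        // The failure branch below used to read $result without it ever being
        // assigned, which is a fatal error on a failed write. Capture the
        // validation result from the exception raised by write() instead.
        /** @var ValidationResult|null $result */
        $result = null;
        $written = false;
        try {
            $written = (bool) $member->write();
        } catch (ValidationException $e) {
            $result = $e->getResult();
        }

        if ($written) {
            $this->performLogin($member, $data, $request);
            // Allow operations on the member after successful registration
            $this->extend('afterRegistration', $member);

            return $this->redirectAfterSuccessfulRegistration();
        }

        $this->extend('failedRegistration');

        // NOTE(review): the validation messages are shown verbatim to the
        // submitter. If the member model reports "identifier already in use"
        // style errors, this tells an anonymous visitor which addresses are
        // registered - consider a generic message for that case.
        $messages = $result ? array_column($result->getMessages(), 'message') : [];
        $form->sessionMessage(implode('; ', $messages), 'bad');

        // Remember what was typed so the form can be re-populated.
        /** @skipUpgrade */
        if (array_key_exists('Email', $data)) {
            $rememberMe = (isset($data['Remember']) && Security::config()->get('autologin_enabled') === true);
            $this
                ->getRequest()
                ->getSession()
                ->set('SessionForms.MemberLoginForm.Email', $data['Email'])
                ->set('SessionForms.MemberLoginForm.Remember', $rememberMe);
        }

        // A failed registration redirects back to the form
        return $form->getRequestHandler()->redirectBackToForm();
    }

    /**
     * URL used as the referer for this handler; identical to Link().
     *
     * @return string
     */
    public function getReturnReferer()
    {
        return $this->Link();
    }

    /**
     * Decide where to send the browser after a successful registration.
     *
     * Order of precedence: change-password screen when the current member's
     * password is expired, then the request's back URL, then the configured
     * 'default_registration_dest', and finally the previous page.
     *
     * @return HTTPResponse
     */
    protected function redirectAfterSuccessfulRegistration()
    {
        $this
            ->getRequest()
            ->getSession()
            ->clear('SessionForms.MemberLoginForm.Email')
            ->clear('SessionForms.MemberLoginForm.Remember');

        $member = Security::getCurrentUser();
        // Guard against a missing current user: the original dereferenced
        // $member here although it is tested for emptiness further down.
        if ($member && $member->isPasswordExpired()) {
            return $this->redirectToChangePassword();
        }

        // Absolute redirection URLs may cause spoofing.
        // NOTE(review): getBackURL() is inherited and not shown here; this
        // redirect relies on it returning same-site URLs only - confirm.
        $backURL = $this->getBackURL();
        if ($backURL) {
            return $this->redirect($backURL);
        }

        // If a default registration destination has been set, redirect to that.
        $defaultLoginDest = Security::config()->get('default_registration_dest');
        if ($defaultLoginDest) {
            return $this->redirect($defaultLoginDest);
        }

        // Redirect the user to the page where they came from
        if ($member) {
            // Welcome message
            $message = _t(
                'SilverStripe\\Security\\Member.WELCOMEBACK',
                'Welcome Back, {firstname}',
                ['firstname' => $member->FirstName]
            );
            Security::singleton()->setSessionMessage($message, ValidationResult::TYPE_GOOD);
        }

        // Redirect back
        return $this->redirectBack();
    }

    /**
     * Try to authenticate the user with the configured authenticator.
     *
     * @param array $data Submitted data
     * @param HTTPRequest $request
     * @param ValidationResult $result Passed by reference to the authenticator
     * @return Member|null The member on successful authentication, otherwise null
     */
    public function checkLogin($data, HTTPRequest $request, ValidationResult &$result = null)
    {
        $member = $this->authenticator->authenticate($data, $request, $result);
        if ($member instanceof Member) {
            return $member;
        }

        return null;
    }

    /**
     * Log the given member in through the IdentityStore service.
     *
     * The persistent-login flag is passed only when the submitted data
     * contains 'Remember' and the 'autologin_enabled' security setting is
     * truthy.
     *
     * @param Member $member
     * @param array $data Submitted data
     * @param HTTPRequest $request
     * @return Member The member that was passed in
     */
    public function performLogin($member, $data, HTTPRequest $request)
    {
        $rememberMe = (isset($data['Remember']) && Security::config()->get('autologin_enabled'));

        /** @var IdentityStore $identityStore */
        $identityStore = Injector::inst()->get(IdentityStore::class);
        $identityStore->logIn($member, $rememberMe, $request);

        return $member;
    }

    /**
     * Invoked if password is expired and must be changed
     *
     * NOTE(review): ChangePasswordForm is not imported, so it resolves inside
     * this namespace - confirm the class exists there.
     *
     * @skipUpgrade
     * @return HTTPResponse
     */
    protected function redirectToChangePassword()
    {
        $cp = ChangePasswordForm::create($this, 'ChangePasswordForm');
        $cp->sessionMessage(
            _t('SilverStripe\\Security\\Member.PASSWORDEXPIRED', 'Your password has expired. Please choose a new one.'),
            'good'
        );
        $changedPasswordLink = Security::singleton()->Link('changepassword');

        return $this->redirect($this->addBackURLParam($changedPasswordLink));
    }
}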