function user_login_finalize

You are here

7 user.module user_login_finalize(&$edit = array())
8 user.module user_login_finalize(UserInterface $account)

Finalizes the login process and logs in a user.

The function logs in the user, records a watchdog message about the new session, saves the login timestamp, calls hook_user_login(), and generates a new session.

The global $user object is replaced with the passed in account.

Parameters

\Drupal\user\UserInterface $account: The account to log in.

See also

hook_user_login()

4 calls to user_login_finalize()
install_finished in core/includes/install.core.inc
Performs final installation steps and displays a 'finished' page.
RegisterFormController::save in core/modules/user/lib/Drupal/user/RegisterFormController.php
Overrides Drupal\Core\Entity\EntityFormController::submit().
UserLoginForm::submitForm in core/modules/user/lib/Drupal/user/Form/UserLoginForm.php
Form submission handler.
user_pass_reset in core/modules/user/user.pages.inc
Menu callback; process one time login link and redirects to the user page on success.

File

core/modules/user/user.module, line 758
Enables the user registration and login system.

Code

function user_login_finalize(UserInterface $account) {
  global $user;
  $user = $account;
  watchdog('user', 'Session opened for %name.', array('%name' => $account->getUsername()));
  // Update the user table timestamp noting user has logged in.
  // This is also used to invalidate one-time login links.
  $account->setLastLoginTime(REQUEST_TIME);
  \Drupal::entityManager()->getStorage('user')->updateLastLoginTimestamp($account);

  // Regenerate the session ID to prevent against session fixation attacks.
  // This is called before hook_user in case one of those functions fails
  // or incorrectly does a redirect which would leave the old session in place.
  \Drupal::service('session_manager')->regenerate();

  \Drupal::moduleHandler()->invokeAll('user_login', array($account));
}