class Cookie
Same name and namespace in other branches
- 9 core/modules/user/src/Authentication/Provider/Cookie.php \Drupal\user\Authentication\Provider\Cookie
- 8.9.x core/modules/user/src/Authentication/Provider/Cookie.php \Drupal\user\Authentication\Provider\Cookie
- 11.x core/modules/user/src/Authentication/Provider/Cookie.php \Drupal\user\Authentication\Provider\Cookie
Cookie based authentication provider.
Hierarchy
- class \Drupal\user\Authentication\Provider\Cookie implements \Drupal\Core\Authentication\AuthenticationProviderInterface, \Symfony\Component\EventDispatcher\EventSubscriberInterface uses \Drupal\Core\StringTranslation\StringTranslationTrait
Expanded class hierarchy of Cookie
1 file declares its use of Cookie
- UserAuthTest.php in core/
modules/ user/ tests/ src/ Unit/ UserAuthTest.php
20 string references to 'Cookie'
- AuthenticationManagerTest::providerTestDefaultFilter in core/
tests/ Drupal/ Tests/ Core/ Authentication/ AuthenticationManagerTest.php - Provides data to self::testDefaultFilter().
- ConfigDependenciesTest::providerBasicDependencies in core/
modules/ rest/ tests/ src/ Kernel/ Entity/ ConfigDependenciesTest.php - ConfigDependenciesTest::providerOnDependencyRemovalForResourceGranularity in core/
modules/ rest/ tests/ src/ Kernel/ Entity/ ConfigDependenciesTest.php - ConfigDependenciesTest::testOnDependencyRemovalRemoveAuth in core/
modules/ rest/ tests/ src/ Kernel/ Entity/ ConfigDependenciesTest.php - @covers ::onDependencyRemoval @covers ::onDependencyRemovalForMethodGranularity
- EntityResourceTestBase::assert406Response in core/
modules/ rest/ tests/ src/ Functional/ EntityResource/ EntityResourceTestBase.php - Asserts a 406 response… or in some cases a 403 response, because weirdness.
1 service uses Cookie
- user.authentication.cookie in core/
modules/ user/ user.services.yml - Drupal\user\Authentication\Provider\Cookie
File
-
core/
modules/ user/ src/ Authentication/ Provider/ Cookie.php, line 24
Namespace
Drupal\user\Authentication\ProviderView source
class Cookie implements AuthenticationProviderInterface, EventSubscriberInterface {
use StringTranslationTrait;
/**
* The session configuration.
*
* @var \Drupal\Core\Session\SessionConfigurationInterface
*/
protected $sessionConfiguration;
/**
* The database connection.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* The messenger.
*
* @var \Drupal\Core\Messenger\MessengerInterface
*/
protected $messenger;
/**
* Constructs a new cookie authentication provider.
*
* @param \Drupal\Core\Session\SessionConfigurationInterface $session_configuration
* The session configuration.
* @param \Drupal\Core\Database\Connection $connection
* The database connection.
* @param \Drupal\Core\Messenger\MessengerInterface $messenger
* The messenger.
*/
public function __construct(SessionConfigurationInterface $session_configuration, Connection $connection, MessengerInterface $messenger) {
$this->sessionConfiguration = $session_configuration;
$this->connection = $connection;
$this->messenger = $messenger;
}
/**
* {@inheritdoc}
*/
public function applies(Request $request) {
$applies = $request->hasSession() && $this->sessionConfiguration
->hasSession($request);
if (!$applies && $request->query
->has('check_logged_in')) {
$domain = ltrim(ini_get('session.cookie_domain'), '.') ?: $request->getHttpHost();
$this->messenger
->addMessage($this->t('To log in to this site, your browser must accept cookies from the domain %domain.', [
'%domain' => $domain,
]), 'error');
}
return $applies;
}
/**
* {@inheritdoc}
*/
public function authenticate(Request $request) {
return $this->getUserFromSession($request->getSession());
}
/**
* Returns the UserSession object for the given session.
*
* @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
* The session.
*
* @return \Drupal\Core\Session\AccountInterface|null
* The UserSession object for the current user, or NULL if this is an
* anonymous session.
*/
protected function getUserFromSession(SessionInterface $session) {
if ($uid = $session->get('uid')) {
// @todo Load the User entity in SessionHandler so we don't need queries.
// @see https://www.drupal.org/node/2345611
$values = $this->connection
->query('SELECT * FROM {users_field_data} [u] WHERE [u].[uid] = :uid AND [u].[default_langcode] = 1', [
':uid' => $uid,
])
->fetchAssoc();
// Check if the user data was found and the user is active.
if (!empty($values) && $values['status'] == 1) {
// Add the user's roles.
$rids = $this->connection
->query('SELECT [roles_target_id] FROM {user__roles} WHERE [entity_id] = :uid', [
':uid' => $values['uid'],
])
->fetchCol();
$values['roles'] = array_merge([
AccountInterface::AUTHENTICATED_ROLE,
], $rids);
return new UserSession($values);
}
}
// This is an anonymous session.
return NULL;
}
/**
* Adds a query parameter to check successful log in redirect URL.
*
* @param \Symfony\Component\HttpKernel\Event\ResponseEvent $event
* The Event to process.
*/
public function addCheckToUrl(ResponseEvent $event) {
$response = $event->getResponse();
if ($response instanceof RedirectResponse && $event->getRequest()
->hasSession()) {
if ($event->getRequest()
->getSession()
->has('check_logged_in')) {
$event->getRequest()
->getSession()
->remove('check_logged_in');
$url = $response->getTargetUrl();
$options = UrlHelper::parse($url);
$options['query']['check_logged_in'] = '1';
$url = $options['path'] . '?' . UrlHelper::buildQuery($options['query']);
if (!empty($options['fragment'])) {
$url .= '#' . $options['fragment'];
}
// In the case of trusted redirect, we have to update the list of
// trusted URLs because here we've just modified its target URL
// which is in the list.
if ($response instanceof TrustedRedirectResponse) {
$response->setTrustedTargetUrl($url);
}
$response->setTargetUrl($url);
}
}
}
/**
* Registers the methods in this class that should be listeners.
*
* @return array
* An array of event listener definitions.
*/
public static function getSubscribedEvents() : array {
$events[KernelEvents::RESPONSE][] = [
'addCheckToUrl',
-1000,
];
return $events;
}
}Members
| Title Sort descending | Modifiers | Object type | Summary | Overrides |
|---|---|---|---|---|
| Cookie::$connection | protected | property | The database connection. | |
| Cookie::$messenger | protected | property | The messenger. | |
| Cookie::$sessionConfiguration | protected | property | The session configuration. | |
| Cookie::addCheckToUrl | public | function | Adds a query parameter to check successful log in redirect URL. | |
| Cookie::applies | public | function | ||
| Cookie::authenticate | public | function | ||
| Cookie::getSubscribedEvents | public static | function | Registers the methods in this class that should be listeners. | |
| Cookie::getUserFromSession | protected | function | Returns the UserSession object for the given session. | |
| Cookie::__construct | public | function | Constructs a new cookie authentication provider. | |
| StringTranslationTrait::$stringTranslation | protected | property | The string translation service. | 3 |
| StringTranslationTrait::formatPlural | protected | function | Formats a string containing a count of items. | |
| StringTranslationTrait::getNumberOfPlurals | protected | function | Returns the number of plurals supported by a given language. | |
| StringTranslationTrait::getStringTranslation | protected | function | Gets the string translation service. | |
| StringTranslationTrait::setStringTranslation | public | function | Sets the string translation service to use. | 2 |
| StringTranslationTrait::t | protected | function | Translates a string to the current language or to a given language. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.