<?php
namespace Bangpound\Bundle\DrupalBundle\Security\User;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
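/**
 * Symfony user provider backed by Drupal's {users} table.
 *
 * Loads Drupal account records, wraps them in this bundle's User class and
 * validates the parameters of Drupal one-time login (password reset) links.
 */
class UserProvider implements UserProviderInterface
{
    /**
     * {@inheritdoc}
     *
     * Looks the account up by name with a bound placeholder, attaches its
     * roles and wraps it in a User.
     *
     * @throws UsernameNotFoundException when no row matches the name
     */
    public function loadUserByUsername($username)
    {
        // NOTE(review): this query has no status condition, unlike
        // getUsernameForHashedPassword(); confirm blocked accounts are
        // rejected elsewhere (for example by the User class).
        $account = db_query("SELECT * FROM {users} WHERE name = :name", array(':name' => $username))->fetchObject();
        if (!$account) {
            throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
        }

        // SECURITY: unserialize() instantiates whatever classes the payload
        // names, so users.data is treated as trusted, database-owned state.
        // NOTE(review): if that column can ever carry attacker-influenced
        // bytes this is an object-injection point; on PHP >= 7 consider
        // passing array('allowed_classes' => false).
        $account->data = unserialize($account->data);

        // Every loaded account is authenticated; stored roles are added on
        // top with "+=", which never overwrites the authenticated entry.
        $account->roles = array();
        $account->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
        $account->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $account->uid))->fetchAllKeyed(0, 1);

        return new User($account);
    }

    /**
     * {@inheritdoc}
     *
     * @throws UnsupportedUserException when $user is not this bundle's User
     * @throws UsernameNotFoundException when the account no longer exists
     */
    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        // NOTE(review): the Drupal global is populated from the object handed
        // in (presumably restored from the session) before the account is
        // reloaded below, so it can lag behind the database row — confirm
        // that is intended.
        $GLOBALS['user'] = $user->getDrupalUser();
        date_default_timezone_set(drupal_get_user_timezone());

        return $this->loadUserByUsername($user->getUsername());
    }

    /**
     * {@inheritdoc}
     */
    public function supportsClass($class)
    {
        return $class === 'Bangpound\Bundle\DrupalBundle\Security\User\User';
    }

    /**
     * Validates the parameters of a one-time login link and resolves the
     * account name they belong to.
     *
     * The link is accepted only when the account is active, the timestamp is
     * not in the future, the link has not expired (accounts that never logged
     * in are exempt from the timeout), the timestamp is not older than the
     * last login, and the supplied hash equals the recomputed one.
     *
     * @see user_pass_reset()
     * @param mixed  $uid         Drupal user id taken from the link
     * @param mixed  $timestamp   Unix timestamp embedded in the link
     * @param string $hashed_pass Hash embedded in the link
     * @return string|null The account name, or null when the link is invalid
     */
    public function getUsernameForHashedPassword($uid, $timestamp, $hashed_pass)
    {
        // Time out, in seconds, until login URL expires. Defaults to 24 hours =
        // 86400 seconds.
        $timeout = variable_get('user_password_reset_timeout', 86400);
        $current = REQUEST_TIME;

        // Only active accounts (status 1) are eligible.
        $users = user_load_multiple(array($uid), array('status' => '1'));
        $account = reset($users);
        if (!$account || $timestamp > $current) {
            return null;
        }

        // No time out for first time login.
        if ($account->login && $current - $timestamp > $timeout) {
            return null;
        }

        // A link issued before the most recent login is no longer valid.
        if (!$account->uid || $timestamp < $account->login) {
            return null;
        }

        $expected = user_pass_rehash($account->pass, $timestamp, $account->login);

        return $this->hashesMatch($expected, $hashed_pass) ? $account->name : null;
    }

    /**
     * Compares a computed hash with a caller-supplied one.
     *
     * Loose "==" is avoided because PHP compares numeric-looking strings as
     * numbers, and hash_equals() is preferred because its running time does
     * not depend on where the two strings first differ. On PHP builds without
     * hash_equals() the comparison falls back to strict "===".
     *
     * @param mixed $known    Hash computed on the server
     * @param mixed $supplied Hash received from the request
     * @return bool True only when both are strings with identical content
     */
    private function hashesMatch($known, $supplied)
    {
        if (!is_string($known) || !is_string($supplied)) {
            return false;
        }

        if (function_exists('hash_equals')) {
            return hash_equals($known, $supplied);
        }

        return $known === $supplied;
    }
}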