Magento Extensions Rating 2024
Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
LoginPost.php
Go to the documentation of this file.
1 <?php
7 namespace Magento\Customer\Controller\Account;
8 
9 use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
10 use Magento\Customer\Model\Account\Redirect as AccountRedirect;
11 use Magento\Framework\App\Action\Context;
12 use Magento\Customer\Model\Session;
13 use Magento\Customer\Api\AccountManagementInterface;
14 use Magento\Customer\Model\Url as CustomerUrl;
15 use Magento\Framework\App\CsrfAwareActionInterface;
16 use Magento\Framework\App\Request\InvalidRequestException;
17 use Magento\Framework\App\RequestInterface;
18 use Magento\Framework\Controller\Result\Redirect;
19 use Magento\Framework\Exception\EmailNotConfirmedException;
20 use Magento\Framework\Exception\AuthenticationException;
21 use Magento\Framework\Data\Form\FormKey\Validator;
22 use Magento\Framework\Exception\LocalizedException;
23 use Magento\Framework\Exception\State\UserLockedException;
24 use Magento\Framework\App\Config\ScopeConfigInterface;
25 use Magento\Customer\Controller\AbstractAccount;
26 use Magento\Framework\Phrase;
27 
31 class LoginPost extends AbstractAccount implements CsrfAwareActionInterface, HttpPostActionInterface
32 {
36  protected $customerAccountManagement;
37 
41  protected $formKeyValidator;
42 
46  protected $accountRedirect;
47 
51  protected $session;
52 
56  private $scopeConfig;
57 
61  private $cookieMetadataFactory;
62 
66  private $cookieMetadataManager;
67 
76  public function __construct(
77  Context $context,
78  Session $customerSession,
79  AccountManagementInterface $customerAccountManagement,
80  CustomerUrl $customerHelperData,
81  Validator $formKeyValidator,
82  AccountRedirect $accountRedirect
83  ) {
84  $this->session = $customerSession;
85  $this->customerAccountManagement = $customerAccountManagement;
86  $this->customerUrl = $customerHelperData;
87  $this->formKeyValidator = $formKeyValidator;
88  $this->accountRedirect = $accountRedirect;
89  parent::__construct($context);
90  }
91 
98  private function getScopeConfig()
99  {
100  if (!($this->scopeConfig instanceof \Magento\Framework\App\Config\ScopeConfigInterface)) {
101  return \Magento\Framework\App\ObjectManager::getInstance()->get(
102  \Magento\Framework\App\Config\ScopeConfigInterface::class
103  );
104  } else {
105  return $this->scopeConfig;
106  }
107  }
108 
115  private function getCookieManager()
116  {
117  if (!$this->cookieMetadataManager) {
118  $this->cookieMetadataManager = \Magento\Framework\App\ObjectManager::getInstance()->get(
119  \Magento\Framework\Stdlib\Cookie\PhpCookieManager::class
120  );
121  }
122  return $this->cookieMetadataManager;
123  }
124 
131  private function getCookieMetadataFactory()
132  {
133  if (!$this->cookieMetadataFactory) {
134  $this->cookieMetadataFactory = \Magento\Framework\App\ObjectManager::getInstance()->get(
135  \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory::class
136  );
137  }
138  return $this->cookieMetadataFactory;
139  }
140 
144  public function createCsrfValidationException(
145  RequestInterface $request
146  ): ?InvalidRequestException {
148  $resultRedirect = $this->resultRedirectFactory->create();
149  $resultRedirect->setPath('*/*/');
150 
151  return new InvalidRequestException(
152  $resultRedirect,
153  [new Phrase('Invalid Form Key. Please refresh the page.')]
154  );
155  }
156 
160  public function validateForCsrf(RequestInterface $request): ?bool
161  {
162  return null;
163  }
164 
171  public function execute()
172  {
173  if ($this->session->isLoggedIn() || !$this->formKeyValidator->validate($this->getRequest())) {
175  $resultRedirect = $this->resultRedirectFactory->create();
176  $resultRedirect->setPath('*/*/');
177  return $resultRedirect;
178  }
179 
180  if ($this->getRequest()->isPost()) {
181  $login = $this->getRequest()->getPost('login');
182  if (!empty($login['username']) && !empty($login['password'])) {
183  try {
184  $customer = $this->customerAccountManagement->authenticate($login['username'], $login['password']);
185  $this->session->setCustomerDataAsLoggedIn($customer);
186  $this->session->regenerateId();
187  if ($this->getCookieManager()->getCookie('mage-cache-sessid')) {
188  $metadata = $this->getCookieMetadataFactory()->createCookieMetadata();
189  $metadata->setPath('/');
190  $this->getCookieManager()->deleteCookie('mage-cache-sessid', $metadata);
191  }
192  $redirectUrl = $this->accountRedirect->getRedirectCookie();
193  if (!$this->getScopeConfig()->getValue('customer/startup/redirect_dashboard') && $redirectUrl) {
194  $this->accountRedirect->clearRedirectCookie();
195  $resultRedirect = $this->resultRedirectFactory->create();
196  // URL is checked to be internal in $this->_redirect->success()
197  $resultRedirect->setUrl($this->_redirect->success($redirectUrl));
198  return $resultRedirect;
199  }
200  } catch (EmailNotConfirmedException $e) {
201  $value = $this->customerUrl->getEmailConfirmationUrl($login['username']);
202  $message = __(
203  'This account is not confirmed. <a href="%1">Click here</a> to resend confirmation email.',
204  $value
205  );
206  } catch (UserLockedException $e) {
207  $message = __(
208  'The account sign-in was incorrect or your account is disabled temporarily. '
209  . 'Please wait and try again later.'
210  );
211  } catch (AuthenticationException $e) {
212  $message = __(
213  'The account sign-in was incorrect or your account is disabled temporarily. '
214  . 'Please wait and try again later.'
215  );
216  } catch (LocalizedException $e) {
217  $message = $e->getMessage();
218  } catch (\Exception $e) {
219  // PA DSS violation: throwing or logging an exception here can disclose customer password
220  $this->messageManager->addError(
221  __('An unspecified error occurred. Please contact us for assistance.')
222  );
223  } finally {
224  if (isset($message)) {
225  $this->messageManager->addError($message);
226  $this->session->setUsername($login['username']);
227  }
228  }
229  } else {
230  $this->messageManager->addError(__('A login and a password are required.'));
231  }
232  }
233 
234  return $this->accountRedirect->getRedirect();
235  }
236 }
Magento\Framework\App\Action\Action\_redirect
_redirect($path, $arguments=[])
Definition: Action.php:167
Magento\Customer\Controller\Account\LoginPost\__construct
__construct(Context $context, Session $customerSession, AccountManagementInterface $customerAccountManagement, CustomerUrl $customerHelperData, Validator $formKeyValidator, AccountRedirect $accountRedirect)
Definition: LoginPost.php:76
$customer
$customer
Definition: customers.php:11
__
__()
Definition: __.php:13
Magento\Customer\Controller\Account\LoginPost
Definition: LoginPost.php:31
$message
$message
Definition: notifications.php:7
Magento\Customer\Controller\Account\LoginPost\$accountRedirect
$accountRedirect
Definition: LoginPost.php:46
$value
$value
Definition: gender.phtml:16
Magento\Customer\Controller\Account\LoginPost\validateForCsrf
validateForCsrf(RequestInterface $request)
Definition: LoginPost.php:160
Magento\Customer\Controller\Account\LoginPost\$session
$session
Definition: LoginPost.php:51
$request
$request
Definition: quote_with_configurable_product_last_variation.php:22
Magento\Framework\App\CsrfAwareActionInterface\createCsrfValidationException
createCsrfValidationException(RequestInterface $request)
Magento\Customer\Controller\Account\LoginPost\$formKeyValidator
$formKeyValidator
Definition: LoginPost.php:41
Magento\Framework\App\Action\HttpPostActionInterface
Definition: HttpPostActionInterface.php:16
Magento\Customer\Controller\Account\LoginPost\$customerAccountManagement
$customerAccountManagement
Definition: LoginPost.php:36