<?php
/**
* @author Ibrahim Azhar <azhar@iarmar.com>
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
namespace Oml\Zf2User;
use Zend\Mvc\ModuleRouteListener;
use Zend\Mvc\MvcEvent;
use Zend\ServiceManager\ServiceManager;
use Oml\Zf2User\Entity\SessionManager;
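class Module
{
    /**
     * Names of routes that may be reached without an authenticated identity
     * (loaded from the 'oml' => 'zf2-user' => 'unrestricted-routes' config key).
     *
     * An empty list means every route handled by verifyAuthAccess() requires sign-in.
     *
     * @var array
     */
    protected $unrestrictedRoutes = array();

    /**
     * Wires the module into the MVC lifecycle: attaches the module route
     * listener, loads the unrestricted-route list and registers the
     * authentication gate on the route event.
     *
     * @param MvcEvent $e
     * @return void
     */
    public function onBootstrap(MvcEvent $e)
    {
        $application  = $e->getApplication();
        $eventManager = $application->getEventManager();

        $moduleRouteListener = new ModuleRouteListener();
        $moduleRouteListener->attach($eventManager);

        $config = $application->getServiceManager()->get('config');

        // A missing key must not leave a non-array here: in_array() on it would
        // break the gate. Falling back to an empty list keeps every route restricted.
        $this->unrestrictedRoutes = isset($config['oml']['zf2-user']['unrestricted-routes'])
            ? (array) $config['oml']['zf2-user']['unrestricted-routes']
            : array();

        $eventManager->attach(MvcEvent::EVENT_ROUTE, array($this, 'verifyAuthAccess'));
    }

    /**
     * Returns the module configuration, merged from the four config files
     * shipped in the module's config/ directory.
     *
     * @return array
     */
    public function getConfig()
    {
        return array_merge_recursive(
            include __DIR__ . '/config/module.config.php',
            include __DIR__ . '/config/route.cms.config.php',
            include __DIR__ . '/config/doctrine.config.php',
            include __DIR__ . '/config/oml.config.php'
        );
    }

    /**
     * Returns the autoloader configuration mapping this namespace to src/Zf2User.
     *
     * @return array
     */
    public function getAutoloaderConfig()
    {
        return array(
            'Zend\Loader\StandardAutoloader' => array(
                'namespaces' => array(
                    __NAMESPACE__ => __DIR__ . '/src/Zf2User',
                ),
            ),
        );
    }

    /**
     * Route-event listener that gates access on authentication state.
     *
     * - API and console requests are not checked here at all.
     * - Anonymous or disabled users on a restricted route are re-routed to the
     *   sign-in action and any stored identity is cleared.
     * - Authenticated users on an unrestricted route are redirected to 'home'.
     *
     * @param MvcEvent $e
     * @return mixed|null The redirect response when a redirect is issued, otherwise null
     */
    public function verifyAuthAccess(MvcEvent $e)
    {
        $serviceManager = $e->getApplication()->getServiceManager();
        $routeMatch     = $e->getRouteMatch();

        // No route matched: there is no route name to check and no controller to
        // protect. Presumably the framework's not-found handling takes over from
        // here (confirm against the application's listeners). Without this guard
        // the call below would fail on null.
        if (!$routeMatch) {
            return;
        }

        $matchedRouteName = $routeMatch->getMatchedRouteName();

        // SECURITY: API requests bypass this gate completely, including the
        // disabled-user check further down. Controllers detected as API must
        // enforce their own authentication and authorization.
        if ($this->currentRequestIsApi($serviceManager)) {
            return;
        }

        // Skip auth-check for CLI request
        if (get_class($serviceManager->get('request')) === 'Zend\Console\Request') {
            return;
        }

        $authService = $serviceManager->get('Zend\Authentication\AuthenticationService');
        $hasIdentity = $authService->hasIdentity();

        // Strict comparison so a route name can never match a loosely-equal
        // non-string entry in the configured list.
        $isUnrestricted = in_array($matchedRouteName, $this->unrestrictedRoutes, true);

        // Unauthenticated user has access to unrestricted routes only
        if (!$hasIdentity && !$isUnrestricted) {
            $routeMatch->setParam('controller', __NAMESPACE__ . '\Controller\AccountController');
            $routeMatch->setParam('action', 'sign-in');
        }

        // An authenticated user has no use for the unrestricted (sign-in style)
        // routes, so send them to home instead.
        if ($hasIdentity && $isUnrestricted) {
            return $this->redirectToRoute($e, 'home', 302);
        }

        // NOTE(review): getEnabled() is read from the identity object returned by
        // the authentication service; whether that reflects the user's current
        // stored state or a copy taken at sign-in is not visible here - confirm.
        $user = $authService->getIdentity();

        // Missing (e.g. deleted) or disabled user on a restricted route:
        // drop the identity and the remember-me state, then show sign-in.
        $forceUserLogout = !$isUnrestricted && (!$user || !$user->getEnabled());

        if ($forceUserLogout) {
            $authService->clearIdentity();

            $sessionManager = new SessionManager();
            $sessionManager->forgetMe();

            $routeMatch->setParam('controller', __NAMESPACE__ . '\Controller\AccountController');
            $routeMatch->setParam('action', 'sign-in');
        }
    }

    /**
     * Tells whether the current request resolves to an API controller, i.e. one
     * whose direct parent class is Zend\Mvc\Controller\AbstractRestfulController.
     *
     * SECURITY: a true result makes verifyAuthAccess() skip all checks. The
     * comparison is deliberately limited to the direct parent class; widening it
     * would widen the set of controllers that bypass the gate.
     *
     * @param ServiceManager $serviceManager
     * @return bool
     */
    public function currentRequestIsApi(ServiceManager $serviceManager)
    {
        $router       = $serviceManager->get('router');
        $request      = $serviceManager->get('request');
        $matchedRoute = $router->match($request);

        if (!$matchedRoute) {
            return false;
        }

        $params = $matchedRoute->getParams();

        // A route without a controller parameter cannot be an API route.
        if (!isset($params['controller'])) {
            return false;
        }

        $matchedControllerName = $params['controller'];
        $controllerManager     = $serviceManager->get('ControllerManager');

        if (!$controllerManager->has($matchedControllerName)) {
            return false;
        }

        // The controller is fetched from the manager only to inspect its class.
        $controller = $controllerManager->get($matchedControllerName);

        return 'Zend\Mvc\Controller\AbstractRestfulController' === get_parent_class($controller);
    }

    /**
     * Prepares a redirect response to a named route.
     *
     * The target URL is assembled by the router from a fixed route name with no
     * parameters, so no request data flows into the Location header.
     *
     * @param MvcEvent $e
     * @param string   $routeName  Name of the route to redirect to
     * @param int      $statusCode HTTP status code for the redirect
     * @return mixed The event's response with Location header and status set
     */
    protected function redirectToRoute(MvcEvent $e, $routeName, $statusCode)
    {
        $url = $e->getRouter()->assemble(array(), array('name' => $routeName));

        $response = $e->getResponse();
        $response->getHeaders()->addHeaderLine('Location', $url);
        $response->setStatusCode($statusCode);

        return $response;
    }
}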