Current path: home/webdevt/cryptoimpot.fr/module/User/src/
?? Go up: /home/webdevt/cryptoimpot.fr/module/User
<?php
/**
* @link http://github.com/zendframework/ZendSkeletonApplication for the canonical source repository
* @copyright Copyright (c) 2005-2016 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
namespace User;
use Laminas\Mvc\MvcEvent;
use Laminas\Mvc\Controller\AbstractActionController;
use User\Controller\AuthController;
use User\Service\AuthManager;
class Module {
/**
* This method returns the path to module.config.php file.
*/
public function getConfig() {
return include __DIR__ . '/../config/module.config.php';
}
/**
* This method is called once the MVC bootstrapping is complete and allows
* to register event listeners.
*/
public function onBootstrap(MvcEvent $event) {
// Get event manager.
$eventManager = $event->getApplication()->getEventManager();
$sharedEventManager = $eventManager->getSharedManager();
// Register the event listener method.
$sharedEventManager->attach(AbstractActionController::class, MvcEvent::EVENT_DISPATCH, [$this, 'onDispatch'], 100);
$sessionManager = $event->getApplication()->getServiceManager()->get('Laminas\Session\SessionManager');
$this->forgetInvalidSession($sessionManager);
//$eventManager = $e->getApplication()->getEventManager();
// $container = $event->getApplication()->getServiceManager();
// $eventManager->attach(MvcEvent::EVENT_DISPATCH,
// function (MvcEvent $e) use ($container) {
// $match = $e->getRouteMatch();
// $authService = $container->get(\Laminas\Authentication\AuthenticationServiceInterface::class);
// $routeName = $match->getMatchedRouteName();
// $em = $container->get(\Doctrine\ORM\EntityManager::class);
// /* Get Controller and Action */
// $matchedController = $match->getParam('controller');
// $matchedAction = $match->getParam('action');
// /* Default Role */
// $role = 'Visitante';
// /* Check if user exists, if it has authenticated and set role */
// if ($authService->hasIdentity()) {
// $user = $em->getReference(\User\Entity\User::class, $authService->getIdentity()->getId());
// if(is_object($user)) {
// $role = $user->getRole()->getName();
// } else {
// $match->setParam('controller', AuthController::class)
// ->setParam('action', 'logout');
// }
// }
// /* Valid ACL */
// $acl = $container->get(\Acl\Permissions\Acl::class);
// if (!$acl->isAllowed($role, $matchedController, $matchedAction)) {
// if ($role == 'Visitante' && $routeName != 'login') {
// $match->setParam('controller', AuthController::class)
// ->setParam('action', 'login');
// } else {
// $response = $e->getResponse();
// /* Location to page or whatever */
// $response->getHeaders()->addHeaderLine('Location', $e->getRequest()->getBaseUrl() . '/404');
// $response->setStatusCode(303);
// }
// }
// }, 100);
}
protected function forgetInvalidSession($sessionManager) {
try {
$sessionManager->start();
return;
} catch (\Exception $e) {
}
/**
* Session validation failed: toast it and carry on.
*/
// @codeCoverageIgnoreStart
session_unset();
// @codeCoverageIgnoreEnd
}
/**
* Event listener method for the 'Dispatch' event. We listen to the Dispatch
* event to call the access filter. The access filter allows to determine if
* the current visitor is allowed to see the page or not. If he/she
* is not authorized and is not allowed to see the page, we redirect the user
* to the login page.
*/
public function onDispatch(MvcEvent $event) {
if (php_sapi_name() === 'cli') {
} else {
// Get controller and action to which the HTTP request was dispatched.
$controller = $event->getTarget();
$controllerName = $event->getRouteMatch()->getParam('controller', null);
$actionName = $event->getRouteMatch()->getParam('action', null);
// Convert dash-style action name to camel-case.
$actionName = str_replace('-', '', lcfirst(ucwords($actionName, '-')));
// Get the instance of AuthManager service.
$authManager = $event->getApplication()->getServiceManager()->get(AuthManager::class);
// Execute the access filter on every controller except AuthController
// (to avoid infinite redirect).
if ($controllerName != AuthController::class &&
!$authManager->filterAccess($controllerName, $actionName)) {
// Remember the URL of the page the user tried to access. We will
// redirect the user to that URL after successful login.
$uri = $event->getApplication()->getRequest()->getUri();
// Make the URL relative (remove scheme, user info, host name and port)
// to avoid redirecting to other domain by a malicious user.
$uri->setScheme(null)
->setHost(null)
->setPort(null)
->setUserInfo(null);
$redirectUrl = $uri->toString();
// Redirect the user to the "Login" page.
return $controller->redirect()->toRoute('login', [], ['query' => ['redirectUrl' => $redirectUrl]]);
}
}
}
}