added messenging

8 months ago · de73e800ad
3 changed files with 40 additions and 12 deletions
--- a/src/EventSubscriber/RedirectSubscriber.php
+++ b/src/EventSubscriber/RedirectSubscriber.php
@ -8,6 +8,9 @@ use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 use Drupal\Core\Routing\TrustedRedirectResponse;
 use Drupal\Core\Session\AccountProxyInterface;
 use Drupal\Core\Config\ConfigFactoryInterface;
+use Drupal\Core\Messenger\MessengerInterface;
+use Drupal\Core\Url;
+use Symfony\Component\HttpFoundation\RedirectResponse;

 /**
 * Subscribes to kernel request events to redirect users based on permissions.
@ -31,6 +34,13 @@ class RedirectSubscriber implements EventSubscriberInterface {
   */
  protected $configFactory;

+  /**
+   * The Messenger service.
+   *
+   * @var \Drupal\Core\Messenger\
+   */
+  protected $messenger;
+
  /**
   * Constructs a new RedirectSubscriber.
   *
@ -38,10 +48,13 @@ class RedirectSubscriber implements EventSubscriberInterface {
   *   The current user.
   * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
   *   The config factory.
+   * @param Drupal\Core\Messenger\MessengerInterface $messenger
+   *   The messenger.
   */
-  public function __construct(AccountProxyInterface $current_user, ConfigFactoryInterface $config_factory) {
+  public function __construct(AccountProxyInterface $current_user, ConfigFactoryInterface $config_factory, MessengerInterface $messenger) {
    $this->currentUser = $current_user;
    $this->configFactory = $config_factory;
+    $this->messenger = $messenger;
  }

  /**
@ -50,13 +63,13 @@ class RedirectSubscriber implements EventSubscriberInterface {
  public function onRequest(RequestEvent $event) {
    $request = $event->getRequest();
    $host = $request->getHost();
+    $uri = $request->getRequestUri();
    $config = $this->configFactory->get('url_permission_redirect.settings');
    $protectedDomain = $config->get('protected_domain') ?? FALSE;
-    $uri = $request->getRequestUri();

-    // Redirect logged-in users with permission.
+    // Redirect logged-in users with access permission to protected domain.
    if ($protectedDomain && $this->currentUser->isAuthenticated() &&
-      $this->currentUser->hasPermission('access protected domain')) {
+        $this->currentUser->hasPermission('access protected domain')) {
      if ($host !== $protectedDomain) {
        $redirect_url = 'https://' . $protectedDomain . $uri;
        $event->setResponse(new TrustedRedirectResponse($redirect_url, 302));
@ -64,17 +77,30 @@ class RedirectSubscriber implements EventSubscriberInterface {
      }
    }

-    // Redirect anonymous users trying to log in via the public domain.
-    if ($host !== $protectedDomain && $uri === '/user/login') {
+    // Redirect anonymous users attempting to log in from public domain.
+    if ($host !== $protectedDomain && $uri === '/user/login' && $this->currentUser->isAnonymous()) {
      $destination = $request->query->get('destination');
-      $redirect_url = 'https://' . $protectedDomain . '/user/login';
+      $redirect_url = 'https://' . $protectedDomain . '/user?redirect_message=1';

-      // Preserve destination if it exists.
      if ($destination) {
-        $redirect_url .= '?destination=' . urlencode($destination);
+        $redirect_url .= '&destination=' . urlencode($destination);
      }

      $event->setResponse(new TrustedRedirectResponse($redirect_url, 302));
+      return;
+    }
+
+    // Show redirect message on target domain if query parameter is present.
+    if ($host === $protectedDomain && $request->query->get('redirect_message') === '1') {
+      $this->messenger->addStatus('You were redirected here to log in securely.');
+
+      // Clean the query string by removing redirect_message and reloading.
+      $query = $request->query->all();
+      unset($query['redirect_message']);
+
+      $current_path = $request->getPathInfo();
+      $clean_url = Url::fromUri('internal:' . $current_path, ['query' => $query])->toString();
+      $event->setResponse(new RedirectResponse($clean_url, 302));
    }
  }

--- a/src/Form/RedirectSettingsForm.php
+++ b/src/Form/RedirectSettingsForm.php
@ -37,7 +37,7 @@ class RedirectSettingsForm extends ConfigFormBase {
      '#type' => 'textfield',
      '#title' => $this->t('Protected Domain'),
      '#default_value' => $config->get('protected_domain'),
-      '#description' => $this->t('Domain to redirect users with permission to.'),
+      '#description' => $this->t('Domain to redirect users with permissions.'),
      '#required' => TRUE,
    ];

@ -48,8 +48,10 @@ class RedirectSettingsForm extends ConfigFormBase {
   * {@inheritdoc}
   */
  public function submitForm(array &$form, FormStateInterface $form_state) {
+    $protected_domain = $form_state->getValue('protected_domain');
+    $cleaned = preg_replace('#^https?://#', '', rtrim($protected_domain, '/'));
    $this->config('url_permission_redirect.settings')
-      ->set('protected_domain', $form_state->getValue('protected_domain'))
+      ->set('protected_domain', $cleaned)
      ->save();

    parent::submitForm($form, $form_state);
--- a/url_permission_redirect.services.yml
+++ b/url_permission_redirect.services.yml
@ -1,6 +1,6 @@
 services:
  url_permission_redirect.event_subscriber:
    class: Drupal\url_permission_redirect\EventSubscriber\RedirectSubscriber
-    arguments: ['@current_user', '@config.factory']
+    arguments: ['@current_user', '@config.factory, '@messenger']
    tags:
      - { name: event_subscriber }