added MinistryLogin controller, modified Distribution controller

parent fe7a8d64
......@@ -78,10 +78,12 @@ epal.demo_data:
_access: 'TRUE'
epal.allocation:
path: '/epal/distribution'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\Distribution::createDistribution'
requirements:
_access: 'TRUE'
_user_is_logged_in: 'TRUE'
sectorperschool:
path: '/epal/sectorperSchool/{epalId}'
options:
......@@ -130,3 +132,19 @@ epal.ministry.log_in_go:
_controller: '\Drupal\epal\Controller\MinistryLogin::loginGo'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.log_out_go:
path: '/ministry/logout'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\MinistryLogin::logoutGo'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.general_report:
path: '/ministry/general-report'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\Distribution::makegGeneralReport'
requirements:
_user_is_logged_in: 'TRUE'
......@@ -46,14 +46,15 @@ class MinistryLogin extends ControllerBase
public function loginGo(Request $request)
{
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
try {
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
//user validation
//Note: $authToken = $postData->username
$authToken = $request->headers->get('PHP_AUTH_USER');
......@@ -110,6 +111,65 @@ class MinistryLogin extends ControllerBase
}
public function logoutGo(Request $request)
{
try {
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
//user validation
//Note: $authToken = $postData->username
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
'message' => t("User not found"),
], Response::HTTP_FORBIDDEN);
}
//user role validation
//$user = \Drupal\user\Entity\User::load($user->id());
/*
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ($role === "ministry") {
$validRole = true;
break;
}
if (!$validRole) {
return $this->respondWithStatus([
'message' => t("User Invalid Role"),
], Response::HTTP_FORBIDDEN);
}
*/
session_unset();
session_destroy();
$response = new Response();
$response->setContent('logout successful');
$response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json');
return $response;
} //end try
catch (\Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
}
}
private function respondWithStatus($arr, $s) {
$res = new JsonResponse($arr);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment