Differential D20170 Diff 48184 src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php
Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php
| Show First 20 Lines • Show All 219 Lines • ▼ Show 20 Lines | if ($have_passwords) { | ||||
| $params = array( | $params = array( | ||||
| 'key' => $key, | 'key' => $key, | ||||
| ); | ); | ||||
| return (string)new PhutilURI($panel_uri, $params); | return (string)new PhutilURI($panel_uri, $params); | ||||
| } | } | ||||
| $providers = id(new PhabricatorAuthProviderConfigQuery()) | // Check if the user already has external accounts linked. If they do, | ||||
| // it's not obvious why they aren't using them to log in, but assume they | |||||
| // know what they're doing. We won't send them to the link workflow. | |||||
| $accounts = id(new PhabricatorExternalAccountQuery()) | |||||
| ->setViewer($user) | |||||
| ->withUserPHIDs(array($user->getPHID())) | |||||
| ->execute(); | |||||
| $configs = id(new PhabricatorAuthProviderConfigQuery()) | |||||
| ->setViewer($user) | ->setViewer($user) | ||||
| ->withIsEnabled(true) | ->withIsEnabled(true) | ||||
| ->execute(); | ->execute(); | ||||
| $linkable = array(); | |||||
| foreach ($configs as $config) { | |||||
| if (!$config->getShouldAllowLink()) { | |||||
| continue; | |||||
| } | |||||
| $provider = $config->getProvider(); | |||||
| if (!$provider->isLoginFormAButton()) { | |||||
| continue; | |||||
| } | |||||
| $linkable[] = $provider; | |||||
| } | |||||
| // If there's at least one linkable provider, and the user doesn't already | |||||
| // have accounts, send the user to the link workflow. | |||||
| if (!$accounts && $linkable) { | |||||
| return '/auth/external/'; | |||||
| } | |||||
| // If there are no configured providers and the user is an administrator, | // If there are no configured providers and the user is an administrator, | ||||
| // send them to Auth to configure a provider. This is probably where they | // send them to Auth to configure a provider. This is probably where they | ||||
| // want to go. You can end up in this state by accidentally losing your | // want to go. You can end up in this state by accidentally losing your | ||||
| // first session during initial setup, or after restoring exported data | // first session during initial setup, or after restoring exported data | ||||
| // from a hosted instance. | // from a hosted instance. | ||||
| if (!$providers && $user->getIsAdmin()) { | if (!$configs && $user->getIsAdmin()) { | ||||
| return '/auth/'; | return '/auth/'; | ||||
| } | } | ||||
| // If we didn't find anywhere better to send them, give up and just send | // If we didn't find anywhere better to send them, give up and just send | ||||
| // them to the home page. | // them to the home page. | ||||
| return '/'; | return '/'; | ||||
| } | } | ||||
| } | } | ||||