svetlio/CustomLoginResource.php

## CustomLoginResource.php
<?php

namespace Drupal\exp_fs\Plugin\rest\resource;

use Drupal\Core\Session\AccountProxyInterface;
use Drupal\rest\ModifiedResourceResponse;
use Drupal\rest\Plugin\ResourceBase;
use Drupal\rest\ResourceResponse;
use Psr\Log\LoggerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Drupal\Core\Session\SessionManagerInterface;
use Drupal\Core\Extension\ModuleHandlerInterface;
use Drupal\Core\Password\PasswordInterface;

/**
 * Provides a POST login resource.
 *
 * @RestResource(
 *   id = "custom_login_resource",
 *   label = @Translation("Custom login resource"),
 *   uri_paths = {
 *     "https://www.drupal.org/link-relations/create" = "/custom/login"
 *   }
 * )
 */
class CustomLoginResource extends ResourceBase {

  /**
   * A current user instance.
   *
   * @var \Drupal\Core\Session\AccountProxyInterface
   */
  protected $currentUser;

  protected $sessionManager;

  protected $moduleHandler;

  protected $password;

  /**
   * Constructs a new CustomLoginResource object.
   *
   * @param array $configuration
   *   A configuration array containing information about the plugin instance.
   * @param string $plugin_id
   *   The plugin_id for the plugin instance.
   * @param mixed $plugin_definition
   *   The plugin implementation definition.
   * @param array $serializer_formats
   *   The available serialization formats.
   * @param \Psr\Log\LoggerInterface $logger
   *   A logger instance.
   * @param \Drupal\Core\Session\AccountProxyInterface $current_user
   *   A current user instance.
   */
  public function __construct(
    array $configuration,
    $plugin_id,
    $plugin_definition,
    array $serializer_formats,
    LoggerInterface $logger,
    AccountProxyInterface $current_user,
    SessionManagerInterface $session_manager,
    ModuleHandlerInterface $module_handler,
    PasswordInterface $password) {
    parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $logger);

    $this->currentUser = $current_user;
    $this->sessionManager = $session_manager;
    $this->moduleHandler = $module_handler;
    $this->password = $password;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
    return new static(
      $configuration,
      $plugin_id,
      $plugin_definition,
      $container->getParameter('serializer.formats'),
      $container->get('logger.factory')->get('exp_fs'),
      $container->get('current_user'),
      $container->get('session_manager'),
      $container->get('module_handler'),
      $container->get('password')
    );
  }

  /**
   * Responds to POST requests.
   *
   * @return \Drupal\rest\ModifiedResourceResponse
   *   The HTTP response object.
   *
   * @throws \Symfony\Component\HttpKernel\Exception\HttpException
   *   Throws exception expected.
   */
  public function post($data) {
    $pass_check = FALSE;
    $name = $data['name'];
    $pass = $data['pass'];

    $account = user_load_by_name(trim($name));
    if ($account) {
      $pass_check = $this->password->check(trim($pass), $account->getPassword());
    }
    else {
      $body = [
        'error' => 'Wrong username and/or password.'
      ];
    }

    if ($pass_check == FALSE) {
      $body = [
        'error' => 'Wrong username and/or password..'
      ];
    }
    else {
      $session = \Drupal::service('session');
      $session->migrate();
      $session->set('uid', $account->id());
      $this->moduleHandler->invokeAll('user_login', [$account]);
      user_login_finalize($account);

      $sess_name = $this->sessionManager->getName();
      $sess_id = $this->sessionManager->getId();

      $body = [
        'sess_name' => $sess_name,
        'sess_id' => $sess_id,
        'current_user' => [
          'name' => $account->getAccountName(),
          'uid' => $account->id(),
          'roles' => $account->getRoles()
        ]
      ];
    }

    return new ModifiedResourceResponse($body, 200);
  }

}
	<?php

	namespace Drupal\exp_fs\Plugin\rest\resource;

	use Drupal\Core\Session\AccountProxyInterface;
	use Drupal\rest\ModifiedResourceResponse;
	use Drupal\rest\Plugin\ResourceBase;
	use Drupal\rest\ResourceResponse;
	use Psr\Log\LoggerInterface;
	use Symfony\Component\DependencyInjection\ContainerInterface;
	use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
	use Drupal\Core\Session\SessionManagerInterface;
	use Drupal\Core\Extension\ModuleHandlerInterface;
	use Drupal\Core\Password\PasswordInterface;

	/**
	* Provides a POST login resource.
	*
	* @RestResource(
	* id = "custom_login_resource",
	* label = @Translation("Custom login resource"),
	* uri_paths = {
	* "https://www.drupal.org/link-relations/create" = "/custom/login"
	* }
	* )
	*/
	class CustomLoginResource extends ResourceBase {

	/**
	* A current user instance.
	*
	* @var \Drupal\Core\Session\AccountProxyInterface
	*/
	protected $currentUser;

	protected $sessionManager;

	protected $moduleHandler;

	protected $password;

	/**
	* Constructs a new CustomLoginResource object.
	*
	* @param array $configuration
	* A configuration array containing information about the plugin instance.
	* @param string $plugin_id
	* The plugin_id for the plugin instance.
	* @param mixed $plugin_definition
	* The plugin implementation definition.
	* @param array $serializer_formats
	* The available serialization formats.
	* @param \Psr\Log\LoggerInterface $logger
	* A logger instance.
	* @param \Drupal\Core\Session\AccountProxyInterface $current_user
	* A current user instance.
	*/
	public function __construct(
	array $configuration,
	$plugin_id,
	$plugin_definition,
	array $serializer_formats,
	LoggerInterface $logger,
	AccountProxyInterface $current_user,
	SessionManagerInterface $session_manager,
	ModuleHandlerInterface $module_handler,
	PasswordInterface $password) {
	parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $logger);

	$this->currentUser = $current_user;
	$this->sessionManager = $session_manager;
	$this->moduleHandler = $module_handler;
	$this->password = $password;
	}

	/**
	* {@inheritdoc}
	*/
	public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
	return new static(
	$configuration,
	$plugin_id,
	$plugin_definition,
	$container->getParameter('serializer.formats'),
	$container->get('logger.factory')->get('exp_fs'),
	$container->get('current_user'),
	$container->get('session_manager'),
	$container->get('module_handler'),
	$container->get('password')
	);
	}

	/**
	* Responds to POST requests.
	*
	* @return \Drupal\rest\ModifiedResourceResponse
	* The HTTP response object.
	*
	* @throws \Symfony\Component\HttpKernel\Exception\HttpException
	* Throws exception expected.
	*/
	public function post($data) {
	$pass_check = FALSE;
	$name = $data['name'];
	$pass = $data['pass'];

	$account = user_load_by_name(trim($name));
	if ($account) {
	$pass_check = $this->password->check(trim($pass), $account->getPassword());
	}
	else {
	$body = [
	'error' => 'Wrong username and/or password.'
	];
	}

	if ($pass_check == FALSE) {
	$body = [
	'error' => 'Wrong username and/or password..'
	];
	}
	else {
	$session = \Drupal::service('session');
	$session->migrate();
	$session->set('uid', $account->id());
	$this->moduleHandler->invokeAll('user_login', [$account]);
	user_login_finalize($account);

	$sess_name = $this->sessionManager->getName();
	$sess_id = $this->sessionManager->getId();

	$body = [
	'sess_name' => $sess_name,
	'sess_id' => $sess_id,
	'current_user' => [
	'name' => $account->getAccountName(),
	'uid' => $account->id(),
	'roles' => $account->getRoles()
	]
	];
	}

	return new ModifiedResourceResponse($body, 200);
	}

	}