LYNX-232: generateCustomerToken mutation optimization

Author: sivaschenko

app/code/Magento/Customer/Model/AccountManagement.php

@@ -16,6 +16,7 @@
 use Magento\Customer\Api\Data\ValidationResultsInterfaceFactory;
 use Magento\Customer\Api\SessionCleanerInterface;
 use Magento\Customer\Helper\View as CustomerViewHelper;
+use Magento\Customer\Model\AccountManagement\Authenticate;
 use Magento\Customer\Model\Config\Share as ConfigShare;
 use Magento\Customer\Model\Customer as CustomerModel;
 use Magento\Customer\Model\Customer\CredentialsValidator;
@@ -400,6 +401,11 @@ class AccountManagement implements AccountManagementInterface
      */
     private CustomerLogger $customerLogger;
 
+    /**
+     * @var Authenticate
+     */
+    private Authenticate $authenticate;
+
     /**
      * @param CustomerFactory $customerFactory
      * @param ManagerInterface $eventManager
@@ -439,6 +445,7 @@ class AccountManagement implements AccountManagementInterface
      * @param AuthenticationInterface|null $authentication
      * @param Backend|null $eavValidator
      * @param CustomerLogger|null $customerLogger
+     * @param Authenticate|null $authenticate
      * @SuppressWarnings(PHPMD.CyclomaticComplexity)
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      * @SuppressWarnings(PHPMD.NPathComplexity)
@@ -483,7 +490,8 @@ public function __construct(
         AuthorizationInterface $authorization = null,
         AuthenticationInterface $authentication = null,
         Backend $eavValidator = null,
-        ?CustomerLogger $customerLogger = null
+        CustomerLogger $customerLogger = null,
+        Authenticate $authenticate = null
     ) {
         $this->customerFactory = $customerFactory;
         $this->eventManager = $eventManager;
@@ -527,6 +535,7 @@ public function __construct(
         $this->authentication = $authentication ?? $objectManager->get(AuthenticationInterface::class);
         $this->eavValidator = $eavValidator ?? $objectManager->get(Backend::class);
         $this->customerLogger = $customerLogger ?? $objectManager->get(CustomerLogger::class);
+        $this->authenticate = $authenticate ?? $objectManager->get(Authenticate::class);
     }
 
     /**
@@ -620,51 +629,7 @@ private function activateCustomer($customer, $confirmationKey)
      */
     public function authenticate($username, $password)
     {
-        try {
-            $customer = $this->customerRepository->get($username);
-        } catch (NoSuchEntityException $e) {
-            throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
-        }
-
-        $customerId = $customer->getId();
-        if ($this->authentication->isLocked($customerId)) {
-            throw new UserLockedException(__('The account is locked.'));
-        }
-        try {
-            $this->authentication->authenticate($customerId, $password);
-        } catch (InvalidEmailOrPasswordException $e) {
-            throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
-        }
-
-        if ($customer->getConfirmation()
-            && ($this->isConfirmationRequired($customer) || $this->isEmailChangedConfirmationRequired($customer))) {
-            throw new EmailNotConfirmedException(__("This account isn't confirmed. Verify and try again."));
-        }
-
-        $customerModel = $this->customerFactory->create()->updateData($customer);
-        $this->eventManager->dispatch(
-            'customer_customer_authenticated',
-            ['model' => $customerModel, 'password' => $password]
-        );
-
-        $this->eventManager->dispatch('customer_data_object_login', ['customer' => $customer]);
-
-        return $customer;
-    }
-
-    /**
-     * Checks if account confirmation is required if the email address has been changed
-     *
-     * @param CustomerInterface $customer
-     * @return bool
-     */
-    private function isEmailChangedConfirmationRequired(CustomerInterface $customer): bool
-    {
-        return $this->accountConfirmation->isEmailChangedConfirmationRequired(
-            (int)$customer->getWebsiteId(),
-            (int)$customer->getId(),
-            $customer->getEmail()
-        );
+        return $this->authenticate->execute((string) $username, (string) $password);
     }
 
     /**

app/code/Magento/Customer/Model/AccountManagement/Authenticate.php

@@ -0,0 +1,183 @@
+<?php
+/************************************************************************
+ *
+ * Copyright 2023 Adobe
+ * All Rights Reserved.
+ *
+ * NOTICE: All information contained herein is, and remains
+ * the property of Adobe and its suppliers, if any. The intellectual
+ * and technical concepts contained herein are proprietary to Adobe
+ * and its suppliers and are protected by all applicable intellectual
+ * property laws, including trade secret and copyright laws.
+ * Dissemination of this information or reproduction of this material
+ * is strictly forbidden unless prior written permission is obtained
+ * from Adobe.
+ * ************************************************************************
+ */
+declare(strict_types=1);
+
+namespace Magento\Customer\Model\AccountManagement;
+
+use Magento\Customer\Api\Data\CustomerInterface;
+use Magento\Customer\Api\Data\CustomerInterfaceFactory;
+use Magento\Customer\Model\AccountConfirmation;
+use Magento\Customer\Model\AuthenticationInterface;
+use Magento\Customer\Model\Customer;
+use Magento\Customer\Model\CustomerRegistry;
+use Magento\Framework\Api\DataObjectHelper;
+use Magento\Framework\Event\ManagerInterface;
+use Magento\Framework\Exception\EmailNotConfirmedException;
+use Magento\Framework\Exception\InvalidEmailOrPasswordException;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\Exception\State\UserLockedException;
+
+/**
+ * Authenticate customer
+ */
+class Authenticate
+{
+    /**
+     * @var CustomerRegistry
+     */
+    private CustomerRegistry $customerRegistry;
+
+    /**
+     * @var DataObjectHelper
+     */
+    private DataObjectHelper $dataObjectHelper;
+
+    /**
+     * @var CustomerInterfaceFactory
+     */
+    private CustomerInterfaceFactory $customerFactory;
+
+    /**
+     * @var AuthenticationInterface
+     */
+    private AuthenticationInterface $authentication;
+
+    /**
+     * @var AccountConfirmation
+     */
+    private AccountConfirmation $accountConfirmation;
+
+    /**
+     * @var ManagerInterface
+     */
+    private ManagerInterface $eventManager;
+
+    /**
+     * @param CustomerRegistry $customerRegistry
+     * @param DataObjectHelper $dataObjectHelper
+     * @param CustomerInterfaceFactory $customerFactory
+     * @param AuthenticationInterface $authentication
+     * @param AccountConfirmation $accountConfirmation
+     * @param ManagerInterface $eventManager
+     */
+    public function __construct(
+        CustomerRegistry $customerRegistry,
+        DataObjectHelper $dataObjectHelper,
+        CustomerInterfaceFactory $customerFactory,
+        AuthenticationInterface $authentication,
+        AccountConfirmation $accountConfirmation,
+        ManagerInterface $eventManager
+    ) {
+        $this->customerRegistry = $customerRegistry;
+        $this->dataObjectHelper = $dataObjectHelper;
+        $this->customerFactory = $customerFactory;
+        $this->authentication = $authentication;
+        $this->accountConfirmation = $accountConfirmation;
+        $this->eventManager = $eventManager;
+    }
+
+    /**
+     * Authenticate a customer by username and password
+     *
+     * @param string $email
+     * @param string $password
+     * @return CustomerInterface
+     * @throws LocalizedException
+     */
+    public function execute(string $email, string $password): CustomerInterface
+    {
+        try {
+            $customerModel = $this->customerRegistry->retrieveByEmail($email);
+        } catch (NoSuchEntityException $exception) {
+            throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
+        }
+        $customer = $this->getCustomerDataObject($customerModel);
+
+        $customerId = $customer->getId();
+        if ($this->authentication->isLocked($customerId)) {
+            throw new UserLockedException(__('The account is locked.'));
+        }
+        try {
+            $this->authentication->authenticate($customerId, $password);
+        } catch (InvalidEmailOrPasswordException $exception) {
+            throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
+        }
+
+        if ($customer->getConfirmation()
+            && ($this->isConfirmationRequired($customer) || $this->isEmailChangedConfirmationRequired($customer))) {
+            throw new EmailNotConfirmedException(__('This account isn\'t confirmed. Verify and try again.'));
+        }
+
+        $this->eventManager->dispatch(
+            'customer_customer_authenticated',
+            ['model' => $customerModel, 'password' => $password]
+        );
+
+        $this->eventManager->dispatch('customer_data_object_login', ['customer' => $customer]);
+
+        return $customer;
+    }
+
+    /**
+     * Convert custom model to DTO
+     *
+     * @param Customer $customerModel
+     * @return CustomerInterface
+     */
+    private function getCustomerDataObject(Customer $customerModel): CustomerInterface
+    {
+        $customerDataObject = $this->customerFactory->create();
+        $this->dataObjectHelper->populateWithArray(
+            $customerDataObject,
+            $customerModel->getData(),
+            CustomerInterface::class
+        );
+        $customerDataObject->setId($customerModel->getId());
+        return $customerDataObject;
+    }
+
+    /**
+     * Check if accounts confirmation is required in config
+     *
+     * @param CustomerInterface $customer
+     * @return bool
+     */
+    private function isConfirmationRequired($customer)
+    {
+        return $this->accountConfirmation->isConfirmationRequired(
+            $customer->getWebsiteId(),
+            $customer->getId(),
+            $customer->getEmail()
+        );
+    }
+
+    /**
+     * Checks if account confirmation is required if the email address has been changed
+     *
+     * @param CustomerInterface $customer
+     * @return bool
+     */
+    private function isEmailChangedConfirmationRequired(CustomerInterface $customer): bool
+    {
+        return $this->accountConfirmation->isEmailChangedConfirmationRequired(
+            (int)$customer->getWebsiteId(),
+            (int)$customer->getId(),
+            $customer->getEmail()
+        );
+    }
+}

app/code/Magento/Customer/Model/Session.php

@@ -107,6 +107,11 @@ class Session extends \Magento\Framework\Session\SessionManager
      */
     private $accountConfirmation;
 
+    /**
+     * @var CustomerRegistry
+     */
+    private $customerRegistry;
+
     /**
      * Session constructor.
      *
@@ -132,6 +137,7 @@ class Session extends \Magento\Framework\Session\SessionManager
      * @param GroupManagementInterface $groupManagement
      * @param \Magento\Framework\App\Response\Http $response
      * @param AccountConfirmation $accountConfirmation
+     * @param CustomerRegistry $customerRegistry
      * @throws \Magento\Framework\Exception\SessionException
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
@@ -157,7 +163,8 @@ public function __construct(
         CustomerRepositoryInterface $customerRepository,
         GroupManagementInterface $groupManagement,
         \Magento\Framework\App\Response\Http $response,
-        AccountConfirmation $accountConfirmation = null
+        AccountConfirmation $accountConfirmation = null,
+        CustomerRegistry $customerRegistry = null
     ) {
         $this->_coreUrl = $coreUrl;
         $this->_customerUrl = $customerUrl;
@@ -173,6 +180,8 @@ public function __construct(
         $this->response = $response;
         $this->accountConfirmation = $accountConfirmation ?: ObjectManager::getInstance()
             ->get(AccountConfirmation::class);
+        $this->customerRegistry = $customerRegistry ?: ObjectManager::getInstance()
+            ->get(CustomerRegistry::class);
         parent::__construct(
             $request,
             $sidResolver,
@@ -431,7 +440,7 @@ public function checkCustomerId($customerId)
         }
 
         try {
-            $this->customerRepository->getById($customerId);
+            $this->customerRegistry->retrieve($customerId);
             $this->_isCustomerIdChecked = $customerId;
             return true;
         } catch (\Exception $e) {