‪TYPO3CMS  10.4
AjaxLoginController.php
1 <?php
2 
3 /*
4  * This file is part of the TYPO3 CMS project.
5  *
6  * It is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License, either version 2
8  * of the License, or any later version.
9  *
10  * For the full copyright and license information, please read the
11  * LICENSE.txt file that was distributed with this source code.
12  *
13  * The TYPO3 project - inspiring people to share!
14  */
15 
17 
18 use Psr\Http\Message\ResponseInterface;
19 use Psr\Http\Message\ServerRequestInterface;
24 
30 {
41  public function ‪loginAction(ServerRequestInterface $request): ResponseInterface
42  {
43  if ($this->‪isAuthorizedBackendSession()) {
44  $result = ['success' => true];
45  if ($this->‪hasLoginBeenProcessed()) {
47  $formProtection = ‪FormProtectionFactory::get();
48  $formProtection->setSessionTokenFromRegistry();
49  $formProtection->persistSessionToken();
50  }
51  } else {
52  $result = ['success' => false];
53  }
54  return new ‪JsonResponse(['login' => $result]);
55  }
56 
63  public function ‪logoutAction(ServerRequestInterface $request): ResponseInterface
64  {
65  $backendUser = $this->‪getBackendUser();
66  $backendUser->logoff();
67  return new ‪JsonResponse([
68  'logout' => [
69  'success' => !isset($backendUser->user['uid'])
70  ]
71  ]);
72  }
73 
74  public function ‪preflightAction(ServerRequestInterface $request): ResponseInterface
75  {
76  $headers = $request->getHeaders();
77  return new ‪JsonResponse([
78  'capabilities' => [
79  'cookie' => !empty($request->getCookieParams()),
80  // using legacy `Referer` (sic!) header name
81  'referrer' => array_filter($headers['referer'] ?? []) !== [],
82  ],
83  ]);
84  }
85 
94  public function ‪refreshAction(ServerRequestInterface $request): ResponseInterface
95  {
96  $backendUser = $this->‪getBackendUser();
97  return new ‪JsonResponse([
98  'refresh' => [
99  'success' => isset($backendUser->user['uid']),
100  ],
101  ]);
102  }
103 
110  public function ‪isTimedOutAction(ServerRequestInterface $request): ResponseInterface
111  {
112  $session = [
113  'timed_out' => false,
114  'will_time_out' => false,
115  'locked' => false
116  ];
117  $backendUser = $this->‪getBackendUser();
118  if (@is_file(‪Environment::getLegacyConfigPath() . '/LOCK_BACKEND')) {
119  $session['locked'] = true;
120  } elseif (!isset($backendUser->user['uid'])) {
121  $session['timed_out'] = true;
122  } else {
123  $backendUser->fetchUserSession(true);
124  $ses_tstamp = $backendUser->user['ses_tstamp'];
125  $timeout = $backendUser->sessionTimeout;
126  // If 120 seconds from now is later than the session timeout, we need to show the refresh dialog.
127  // 120 is somewhat arbitrary to allow for a little room during the countdown and load times, etc.
128  $session['will_time_out'] = ‪$GLOBALS['EXEC_TIME'] >= $ses_tstamp + $timeout - 120;
129  }
130  return new ‪JsonResponse(['login' => $session]);
131  }
132 
138  protected function ‪isAuthorizedBackendSession()
139  {
140  $backendUser = $this->‪getBackendUser();
141  return $backendUser !== null && $backendUser instanceof ‪BackendUserAuthentication && isset($backendUser->user['uid']);
142  }
143 
149  protected function ‪hasLoginBeenProcessed()
150  {
151  $loginFormData = $this->‪getBackendUser()->‪getLoginFormData();
152  return $loginFormData['status'] === 'login' && !empty($loginFormData['uname']) && !empty($loginFormData['uident']);
153  }
154 
158  protected function ‪getBackendUser()
159  {
160  return ‪$GLOBALS['BE_USER'] ?? null;
161  }
162 }