‪TYPO3CMS  10.4
BackendUserAuthenticator.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
20 use Psr\Http\Message\ResponseInterface;
21 use Psr\Http\Message\ServerRequestInterface;
22 use Psr\Http\Server\RequestHandlerInterface;
27 
34 {
40  protected ‪$publicRoutes = [
41  '/login',
42  '/login/frame',
43  '/login/password-reset/forget',
44  '/login/password-reset/initiate-reset',
45  '/login/password-reset/validate',
46  '/login/password-reset/finish',
47  '/install/server-response-check/host',
48  '/ajax/login',
49  '/ajax/logout',
50  '/ajax/login/preflight',
51  '/ajax/login/refresh',
52  '/ajax/login/timedout',
53  '/ajax/rsa/publickey',
54  '/ajax/core/requirejs',
55  ];
56 
64  public function ‪process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
65  {
66  $pathToRoute = $request->getAttribute('routePath', '/login');
67 
68  // The global must be available very early, because methods below
69  // might trigger code which relies on it. See: #45625
70  ‪$GLOBALS['BE_USER'] = GeneralUtility::makeInstance(BackendUserAuthentication::class);
71  ‪$GLOBALS['BE_USER']->start();
72  // Register the backend user as aspect and initializing workspace once for TSconfig conditions
73  $this->‪setBackendUserAspect(‪$GLOBALS['BE_USER'], (int)‪$GLOBALS['BE_USER']->user['workspace_id']);
74  // @todo: once this logic is in this method, the redirect URL should be handled as response here
75  ‪$GLOBALS['BE_USER']->backendCheckLogin($this->‪isLoggedInBackendUserRequired($pathToRoute));
77  // Re-setting the user and take the workspace from the user object now
78  $this->‪setBackendUserAspect(‪$GLOBALS['BE_USER']);
79 
80  $response = $handler->handle($request);
81 
82  // If no backend user is logged-in, the cookie should be removed
83  if (!GeneralUtility::makeInstance(Context::class)->getAspect('backend.user')->isLoggedIn()) {
84  ‪$GLOBALS['BE_USER']->removeCookie(‪$GLOBALS['BE_USER']->name);
85  }
86 
87  // Additional headers to never cache any PHP request should be sent at any time when
88  // accessing the TYPO3 Backend
89  return $this->‪applyHeadersToResponse($response);
90  }
91 
99  protected function ‪isLoggedInBackendUserRequired(string $routePath): bool
100  {
101  return in_array($routePath, $this->publicRoutes, true);
102  }
103 }
‪TYPO3\CMS\Backend\Middleware\BackendUserAuthenticator\$publicRoutes
‪array $publicRoutes
Definition: BackendUserAuthenticator.php:39
‪TYPO3\CMS\Backend\Middleware
Definition: AdditionalResponseHeaders.php:18
‪TYPO3\CMS\Core\Middleware\BackendUserAuthenticator\setBackendUserAspect
‪setBackendUserAspect(?BackendUserAuthentication $user, int $alternativeWorkspaceId=null)
Definition: BackendUserAuthenticator.php:94
‪TYPO3\CMS\Backend\Middleware\BackendUserAuthenticator\process
‪ResponseInterface process(ServerRequestInterface $request, RequestHandlerInterface $handler)
Definition: BackendUserAuthenticator.php:63
‪TYPO3\CMS\Core\Context\Context
Definition: Context.php:53
‪TYPO3\CMS\Core\Localization\LanguageService\createFromUserPreferences
‪static createFromUserPreferences(?AbstractUserAuthentication $user)
Definition: LanguageService.php:435
‪TYPO3\CMS\Core\Middleware\BackendUserAuthenticator
Definition: BackendUserAuthenticator.php:49
‪TYPO3\CMS\Backend\Middleware\BackendUserAuthenticator\isLoggedInBackendUserRequired
‪bool isLoggedInBackendUserRequired(string $routePath)
Definition: BackendUserAuthenticator.php:98
‪TYPO3\CMS\Core\Middleware\BackendUserAuthenticator\applyHeadersToResponse
‪ResponseInterface applyHeadersToResponse(ResponseInterface $response)
Definition: BackendUserAuthenticator.php:73
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:62
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Backend\Middleware\BackendUserAuthenticator
Definition: BackendUserAuthenticator.php:34
‪TYPO3\CMS\Core\Localization\LanguageService
Definition: LanguageService.php:42
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:46