10.4/backend_2_classes_2_middleware_2_backend_user_authenticator_8php_source.html

<?php


declare(strict_types=1);


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


namespace ‪TYPO3\CMS\Backend\Middleware;


use Psr\Http\Message\ResponseInterface;

use Psr\Http\Message\ServerRequestInterface;

use Psr\Http\Server\RequestHandlerInterface;

use ‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication;

use ‪TYPO3\CMS\Core\Context\Context;

use ‪TYPO3\CMS\Core\Localization\LanguageService;

use ‪TYPO3\CMS\Core\Utility\GeneralUtility;


class ‪BackendUserAuthenticator extends ‪\TYPO3\CMS\Core\Middleware\BackendUserAuthenticator

{

    protected ‪$publicRoutes = [

        '/login',

        '/login/frame',

        '/login/password-reset/forget',

        '/login/password-reset/initiate-reset',

        '/login/password-reset/validate',

        '/login/password-reset/finish',

        '/install/server-response-check/host',

        '/ajax/login',

        '/ajax/logout',

        '/ajax/login/preflight',

        '/ajax/login/refresh',

        '/ajax/login/timedout',

        '/ajax/rsa/publickey',

        '/ajax/core/requirejs',

    ];


    public function ‪process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface

    {

        $pathToRoute = $request->getAttribute('routePath', '/login');


        // The global must be available very early, because methods below

        // might trigger code which relies on it. See: #45625

        ‪$GLOBALS['BE_USER'] = GeneralUtility::makeInstance(BackendUserAuthentication::class);

        ‪$GLOBALS['BE_USER']->start();

        // Register the backend user as aspect and initializing workspace once for TSconfig conditions

        $this->‪setBackendUserAspect(‪$GLOBALS['BE_USER'], (int)‪$GLOBALS['BE_USER']->user['workspace_id']);

        // @todo: once this logic is in this method, the redirect URL should be handled as response here

        ‪$GLOBALS['BE_USER']->backendCheckLogin($this->‪isLoggedInBackendUserRequired($pathToRoute));

        ‪$GLOBALS['LANG'] = ‪LanguageService::createFromUserPreferences(‪$GLOBALS['BE_USER']);

        // Re-setting the user and take the workspace from the user object now

        $this->‪setBackendUserAspect(‪$GLOBALS['BE_USER']);


        $response = $handler->handle($request);


        // If no backend user is logged-in, the cookie should be removed

        if (!GeneralUtility::makeInstance(Context::class)->getAspect('backend.user')->isLoggedIn()) {

            ‪$GLOBALS['BE_USER']->removeCookie(‪$GLOBALS['BE_USER']->name);

        }


        // Additional headers to never cache any PHP request should be sent at any time when

        // accessing the TYPO3 Backend

        return $this->‪applyHeadersToResponse($response);

    }


    protected function ‪isLoggedInBackendUserRequired(string $routePath): bool

    {

        return in_array($routePath, $this->publicRoutes, true);

    }

}