‪TYPO3CMS  10.4
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication Class Reference
Inheritance diagram for TYPO3\CMS\Core\Authentication\AbstractUserAuthentication:
TYPO3\CMS\Core\Authentication\BackendUserAuthentication TYPO3\CMS\Core\Tests\Functional\Authentication\Fixtures\AnyUserAuthentication TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication TYPO3\CMS\Backend\FrontendBackendUserAuthentication TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication

Public Member Functions

 __construct ()
 
 start ()
 
bool isSetSessionCookie ()
 
bool isRefreshTimeBasedCookie ()
 
 checkAuthentication ()
 
string createSessionId ()
 
array createUserSession ($tempuser)
 
array getNewSessionRecord ($tempuser)
 
array bool fetchUserSession ($skipSessionUpdate=false)
 
 enforceNewSessionId ()
 
 logoff ()
 
 removeCookie ($cookieName)
 
bool isExistingSessionRecord ($id)
 
bool isCookieSet ()
 
 writeUC ($variable='')
 
 unpack_uc ($theUC='')
 
 pushModuleData ($module, $data, $noSave=0)
 
mixed getModuleData ($module, $type='')
 
mixed getSessionData ($key)
 
 setSessionData ($key, $data)
 
 setAndSaveSessionData ($key, $data)
 
array getLoginFormData ()
 
array processLoginData ($loginData, $passwordTransmissionStrategy='')
 
array getAuthInfoArray ()
 
 gc ()
 
 writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)
 
 checkLogFailures ($email, $secondsBack, $maxFailures)
 
 setBeUserByUid ($uid)
 
 setBeUserByName ($name)
 
array getRawUserByUid ($uid)
 
array getRawUserByName ($name)
 
string getSessionId ()
 
string getLoginType ()
 

Public Attributes

string $name = ''
 
string $user_table = ''
 
string $usergroup_table = ''
 
string $username_column = ''
 
string $userident_column = ''
 
string $userid_column = ''
 
string $usergroup_column = ''
 
string $lastLogin_column = ''
 
array $enablecolumns
 
bool $showHiddenRecords = false
 
string $formfield_uname = ''
 
string $formfield_uident = ''
 
string $formfield_status = ''
 
int $sessionTimeout = 0
 
string $auth_timeout_field = ''
 
int $lifetime = 0
 
int $gc_time = 86400
 
int $gc_probability = 1
 
bool $writeStdLog = false
 
bool $writeAttemptLog = false
 
bool $sendNoCacheHeaders = true
 
int $hash_length = 32
 
string $warningEmail = ''
 
int $warningPeriod = 3600
 
int $warningMax = 3
 
bool $checkPid = true
 
int $checkPid_value = 0
 
string $id
 
bool $loginFailure = false
 
bool $loginSessionStarted = false
 
array null $user
 
bool $newSessionID = false
 
bool $forceSetCookie = false
 
bool $dontSetCookie = false
 
string $loginType = ''
 
array $svConfig = array( )
 
array $uc
 

Protected Member Functions

 sendHttpHeaders ()
 
array getHttpHeaders ()
 
 setSessionCookie ()
 
string getCookieDomain ()
 
string getCookie ($cookieName)
 
Traversable getAuthServices (string $subType, array $loginData, array $authInfo)
 
 regenerateSessionId (array $existingSessionRecord=[], bool $anonymous=false)
 
 updateLoginTimestamp (int $userId)
 
 performLogoff ()
 
QueryRestrictionContainerInterface userConstraints ()
 
mixed removeSensitiveLoginDataForLoggingInfo ($data, bool $isUserRecord=false)
 
SessionBackendInterface getSessionBackend ()
 

Protected Attributes

bool $cookieWasSetOnCurrentRequest = false
 
IpLocker $ipLocker
 
SessionBackendInterface $sessionBackend
 
array $sessionData = array( )
 

Detailed Description

Authentication of users in TYPO3

This class is used to authenticate a login user. The class is used by both the frontend and backend. In both cases this class is a parent class to BackendUserAuthentication and FrontendUserAuthentication

Definition at line 50 of file AbstractUserAuthentication.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::__construct ( )

Initialize some important variables

Exceptions
Exception

Reimplemented in TYPO3\CMS\Core\Authentication\BackendUserAuthentication, TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication, TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication, and TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication.

Definition at line 285 of file AbstractUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionTimeout.

Member Function Documentation

◆ checkAuthentication()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::checkAuthentication ( )

Checks if a submission of username and password is present or use other authentication by auth services

Exceptions

Reimplemented in TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication.

Definition at line 519 of file AbstractUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionData, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$userid_column, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$username_column, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkLogFailures(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\createUserSession(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\fetchUserSession(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthServices(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getLoginFormData(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Core\Environment\isCli(), TYPO3\CMS\Core\Authentication\LoginType\LOGIN, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\logoff(), TYPO3\CMS\Core\Authentication\LoginType\LOGOUT, TYPO3\CMS\Core\Authentication\MimicServiceInterface\mimicAuthUser(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\regenerateSessionId(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeSensitiveLoginDataForLoggingInfo(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\update(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writelog().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start().

◆ checkLogFailures()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::checkLogFailures (   $email,
  $secondsBack,
  $maxFailures 
)

DUMMY: Check login failures (in some extension classes)

Parameters
string$email‪Email address
int$secondsBack‪Number of sections back in time to check. This is a kind of limit for how many failures an hour for instance
int$maxFailures‪Max allowed failures before a warning mail is sent @ignore

Reimplemented in TYPO3\CMS\Core\Authentication\BackendUserAuthentication.

Definition at line 1410 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication().

◆ createSessionId()

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::createSessionId ( )

Creates a new session ID.

Returns
‪string The new session ID

Definition at line 800 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\regenerateSessionId(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start().

◆ createUserSession()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::createUserSession (   $tempuser)

Creates a user session record and returns its values.

Parameters
array$tempuser‪User data array
Returns
‪array The session data for the newly created session.

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 864 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getNewSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\remove(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\set(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\updateLoginTimestamp().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication().

◆ enforceNewSessionId()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::enforceNewSessionId ( )

Regenerates the session ID and sets the cookie again.

Definition at line 972 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\regenerateSessionId(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie().

◆ fetchUserSession()

array bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::fetchUserSession (   $skipSessionUpdate = false)

Read the user session from db.

Parameters
bool$skipSessionUpdate
Returns
‪array|bool User session data, false if $this->id does not represent valid session

Definition at line 920 of file AbstractUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionTimeout, TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\get(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getRawUserByUid(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\logoff(), and TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\update().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication().

◆ gc()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::gc ( )

Garbage collector, removing old expired sessions.

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 1380 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\collectGarbage(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start().

◆ getAuthInfoArray()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getAuthInfoArray ( )

Returns an info array which provides additional information for auth services

Returns
‪array

Definition at line 1340 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$checkPid_value, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$showHiddenRecords, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$user_table, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$usergroup_column, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$usergroup_table, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$userid_column, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$userident_column, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$username_column, TYPO3\CMS\Core\Database\Query\Restriction\QueryRestrictionInterface\buildExpression(), TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\userConstraints().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\fetchGroupData(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\processLoginData().

◆ getAuthServices()

Traversable TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getAuthServices ( string  $subType,
array  $loginData,
array  $authInfo 
)
protected

Initializes authentication services to be used in a foreach loop

Parameters
string$subType‪e.g. getUserFE
array$loginData
array$authInfo
Returns
‪\Traversable A generator of service objects

Definition at line 813 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\fetchGroupData(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\processLoginData().

◆ getCookie()

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getCookie (   $cookieName)
protected

Get the value of a specified cookie.

Parameters
string$cookieName‪The cookie ID
Returns
‪string The value stored in the cookie

Definition at line 486 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start().

◆ getCookieDomain()

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getCookieDomain ( )
protected

Gets the domain to be used on setting cookies. The information is taken from the value in $GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'].

Returns
‪string The domain to be used on setting cookies

Definition at line 455 of file AbstractUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeCookie(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie().

◆ getHttpHeaders()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getHttpHeaders ( )
protected

Get the http headers to be sent if an authenticated user is available, in order to disallow browsers to store the response on the client side.

Returns
‪array

Definition at line 374 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\sendHttpHeaders().

◆ getLoginFormData()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getLoginFormData ( )

Returns an info array with Login/Logout data submitted by a form or params

Returns
‪array

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 1256 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\LoginType\LOGIN, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\processLoginData().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), and TYPO3\CMS\Backend\Controller\AjaxLoginController\hasLoginBeenProcessed().

◆ getLoginType()

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getLoginType ( )
Returns
‪string

Definition at line 1492 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType.

Referenced by TYPO3\CMS\Beuser\Domain\Repository\BackendUserRepository\getSessionBackend(), and TYPO3\CMS\Beuser\Controller\BackendUserController\getSessionBackend().

◆ getModuleData()

mixed TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getModuleData (   $module,
  $type = '' 
)

Gets module data for a module (from a loaded ->uc array)

Parameters
string$module‪Is the name of the module ($MCONF['name'])
string$type‪If $type = 'ses' then module data is returned only if it was stored in the current session, otherwise data from a previous session will be returned (if available).
Returns
‪mixed The module data if available: $this->uc['moduleData'][$module];

Definition at line 1181 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionData.

Referenced by TYPO3\CMS\Backend\Controller\EditDocumentController\closeDocument(), TYPO3\CMS\Backend\Clipboard\Clipboard\initializeClipboard(), TYPO3\CMS\Dashboard\DashboardInitializationService\loadCurrentDashboard(), and TYPO3\CMS\Backend\Controller\EditDocumentController\preInit().

◆ getNewSessionRecord()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getNewSessionRecord (   $tempuser)

Returns a new session record for the current user for insertion into the DB. This function is mainly there as a wrapper for inheriting classes to override it.

Parameters
array$tempuser
Returns
‪array User session record

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 901 of file AbstractUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$id, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$userid_column.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\createUserSession().

◆ getRawUserByName()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getRawUserByName (   $name)

Fetching raw user record with username=$name

Parameters
string$name‪The username to look up.
Returns
‪array user record or FALSE
See also
‪\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getUserByUid()

Definition at line 1468 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$name, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\userConstraints().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setBeUserByName().

◆ getRawUserByUid()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getRawUserByUid (   $uid)

Fetching raw user record with uid=$uid

Parameters
int$uid‪The UID of the backend user to set in ->user
Returns
‪array user record or FALSE

Definition at line 1449 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\userConstraints().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\fetchUserSession(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setBeUserByUid().

◆ getSessionBackend()

SessionBackendInterface TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getSessionBackend ( )
protected

Returns initialized session backend. Returns same session backend if called multiple times

Returns
‪SessionBackendInterface

Definition at line 1502 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionBackend.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\createUserSession(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\fetchUserSession(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\gc(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\gc(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\performLogoff(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\performLogoff(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\regenerateSessionId(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\regenerateSessionId(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\removeSessionData(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setAndSaveSessionData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ getSessionData()

mixed TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getSessionData (   $key)

Returns the session data stored for $key. The data will last only for this login session since it is stored in the user session.

Parameters
string$key‪The key associated with the session data
Returns
‪mixed

Definition at line 1206 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Workspaces\Controller\Remote\MassActionHandler\flushWorkspace(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getKey(), TYPO3\CMS\Beuser\Controller\PermissionController\initializeAction(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeWebmountsForElementBrowser(), TYPO3\CMS\Workspaces\Controller\Remote\MassActionHandler\processData(), TYPO3\CMS\Workspaces\Controller\Remote\MassActionHandler\publishWorkspace(), and TYPO3\CMS\Form\Mvc\Property\TypeConverter\FormDefinitionArrayConverter\retrieveSessionToken().

◆ getSessionId()

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getSessionId ( )
Returns
‪string

Definition at line 1483 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$id.

Referenced by TYPO3\CMS\Beuser\Controller\BackendUserController\onlineAction().

◆ isCookieSet()

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::isCookieSet ( )

Returns whether this request is going to set a cookie or a cookie was already found in the system

Returns
‪bool Returns TRUE if a cookie is set

Definition at line 1063 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getCookie().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\performLogoff(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ isExistingSessionRecord()

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::isExistingSessionRecord (   $id)

Determine whether there's an according session record to a given session_id. Don't care if session record is still valid or not.

Parameters
string$id‪Claimed Session ID
Returns
‪bool Returns TRUE if a corresponding session was found in the database

Definition at line 1039 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$id, TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\get(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\removeSessionData(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ isRefreshTimeBasedCookie()

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::isRefreshTimeBasedCookie ( )

Determine whether a non-session cookie needs to be set (lifetime>0)

Returns
‪bool

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 508 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start().

◆ isSetSessionCookie()

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::isSetSessionCookie ( )

Determine whether a session cookie needs to be set (lifetime=0)

Returns
‪bool

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 497 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie().

◆ logoff()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::logoff ( )

Log out current user! Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!

Reimplemented in TYPO3\CMS\Core\Authentication\BackendUserAuthentication.

Definition at line 983 of file AbstractUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\performLogoff().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\fetchUserSession().

◆ performLogoff()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::performLogoff ( )
protected

Perform the logoff action. Called from logoff() as a way to allow subclasses to override what happens when a user logs off, without needing to reproduce the hook calls and logging that happens in the public logoff() API method.

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 1007 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\remove(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeCookie().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\logoff().

◆ processLoginData()

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::processLoginData (   $loginData,
  $passwordTransmissionStrategy = '' 
)

Processes Login data submitted by a form or params depending on the passwordTransmissionStrategy

Parameters
array$loginData‪Login data array
string$passwordTransmissionStrategy‪Alternative passwordTransmissionStrategy. Used when authentication services wants to override the default.
Returns
‪array

Definition at line 1279 of file AbstractUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthServices(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeSensitiveLoginDataForLoggingInfo().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getLoginFormData().

◆ pushModuleData()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::pushModuleData (   $module,
  $data,
  $noSave = 0 
)

Stores data for a module. The data is stored with the session id so you can even check upon retrieval if the module data is from a previous session or from the current session.

Parameters
string$module‪Is the name of the module ($MCONF['name'])
mixed$data‪Is the data you want to store for that module (array, string, ...)
bool | int$noSave‪If $noSave is set, then the ->uc array (which carries all kinds of user data) is NOT written immediately, but must be written by some subsequent call.

Definition at line 1161 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writeUC().

Referenced by TYPO3\CMS\Backend\Controller\EditDocumentController\closeDocument(), TYPO3\CMS\Tstemplate\Controller\TypoScriptTemplateObjectBrowserModuleFunctionController\main(), TYPO3\CMS\Backend\Controller\EditDocumentController\main(), TYPO3\CMS\Tstemplate\Controller\TypoScriptTemplateObjectBrowserModuleFunctionController\modMenu(), TYPO3\CMS\Backend\Clipboard\Clipboard\saveClipboard(), TYPO3\CMS\Dashboard\DashboardInitializationService\saveCurrentDashboard(), and TYPO3\CMS\Linkvalidator\Report\LinkValidatorReport\validateSettings().

◆ regenerateSessionId()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::regenerateSessionId ( array  $existingSessionRecord = [],
bool  $anonymous = false 
)
protected

Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated.

Parameters
array$existingSessionRecord‪If given, this session record will be used instead of fetching again
bool$anonymous‪If true session will be regenerated as anonymous session

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 834 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$id, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\createSessionId(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\get(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\remove(), and TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\set().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\enforceNewSessionId().

◆ removeCookie()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::removeCookie (   $cookieName)

Empty / unset the cookie

Parameters
string$cookieName‪usually, this is $this->name

Definition at line 1024 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getCookieDomain().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\performLogoff(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ removeSensitiveLoginDataForLoggingInfo()

mixed TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::removeSensitiveLoginDataForLoggingInfo (   $data,
bool  $isUserRecord = false 
)
protected

Removes any sensitive data from the incoming data (either from loginData, processedLogin data or the user record from the DB).

No type hinting is added because it might be possible that the incoming data is of any other type.

Parameters
mixed | array$data
bool$isUserRecord
Returns
‪mixed

Definition at line 1316 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\processLoginData().

◆ sendHttpHeaders()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::sendHttpHeaders ( )
protected

Set all possible headers that could ensure that the script is not cached on the client-side.

Only do this if $this->sendNoCacheHeaders is set.

Definition at line 356 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getHttpHeaders(), and TYPO3\CMS\Core\Core\Environment\isCli().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start().

◆ setAndSaveSessionData()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::setAndSaveSessionData (   $key,
  $data 
)

Sets the session data ($data) for $key and writes all session data (from ->user['ses_data']) to the database. The data will last only for this login session since it is stored in the session table.

Parameters
string$key‪Pointer to an associative key in the session data array which is stored serialized in the field "ses_data" of the session table.
mixed$data‪The data to store in index $key

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 1233 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), and TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\update().

Referenced by TYPO3\CMS\Workspaces\Controller\Remote\MassActionHandler\initFlushData(), TYPO3\CMS\Beuser\Controller\PermissionController\initializeAction(), TYPO3\CMS\Workspaces\Controller\Remote\MassActionHandler\initPublishData(), TYPO3\CMS\Form\Domain\Configuration\FormDefinitionConversionService\persistSessionToken(), TYPO3\CMS\Workspaces\Controller\Remote\MassActionHandler\processData(), and TYPO3\CMS\Core\Messaging\FlashMessageQueue\storeFlashMessagesInSession().

◆ setBeUserByName()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::setBeUserByName (   $name)

Raw initialization of the be_user with username=$name

Parameters
string$name‪The username to look up.
See also
‪\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::setBeUserByUid()

Definition at line 1437 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getRawUserByName().

Referenced by TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\authenticate().

◆ setBeUserByUid()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::setBeUserByUid (   $uid)

Raw initialization of the be_user with uid=$uid This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected. Thus the BE_USER object will appear like if a user was authenticated - however without a session id and the fields from the session table of course. Will check the users for disabled, start/endtime, etc. ($this->user_where_clause())

Parameters
int$uid‪The UID of the backend user to set in ->user

Definition at line 1425 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getRawUserByUid().

◆ setSessionCookie()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::setSessionCookie ( )
protected

Sets the session cookie for the current disposal.

Exceptions
Exception

Definition at line 402 of file AbstractUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getCookieDomain(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isRefreshTimeBasedCookie(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isSetSessionCookie().

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\enforceNewSessionId(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\start(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setSessionData()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::setSessionData (   $key,
  $data 
)

Set session data by key. The data will last only for this login session since it is stored in the user session.

Parameters
string$key‪A non empty string to store the data under
mixed$data‪Data store store in session

Reimplemented in TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication.

Definition at line 1218 of file AbstractUserAuthentication.php.

◆ start()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::start ( )

Starts a user session Typical configurations will: a) check if session cookie was set and if not, set one, b) check if a password/username was sent and if so, try to authenticate the user c) Lookup a session attached to a user and check timeout etc. d) Garbage collection, setting of no-cache headers. If a user is authenticated the database record of the user (array) will be set in the ->user internal variable.

Reimplemented in TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication.

Definition at line 313 of file AbstractUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\createSessionId(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\gc(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getCookie(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isRefreshTimeBasedCookie(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\sendHttpHeaders(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie().

◆ unpack_uc()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::unpack_uc (   $theUC = '')

Sets $theUC as the internal variable ->uc IF $theUC is an array. If $theUC is FALSE, the 'uc' content from the ->user array will be unserialized and restored in ->uc

Parameters
mixed$theUC‪If an array, then set as ->uc, otherwise load from user record

Definition at line 1142 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC().

◆ updateLoginTimestamp()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::updateLoginTimestamp ( int  $userId)
protected

Updates the last login column in the user with the given id

Parameters
int$userId

Definition at line 882 of file AbstractUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\createUserSession().

◆ userConstraints()

QueryRestrictionContainerInterface TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::userConstraints ( )
protected

This returns the restrictions needed to select the user respecting enable columns and flags like deleted, hidden, starttime, endtime and rootLevel

Returns
‪QueryRestrictionContainerInterface

Definition at line 1081 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getRawUserByName(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getRawUserByUid().

◆ writelog()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::writelog (   $type,
  $action,
  $error,
  $details_nr,
  $details,
  $data,
  $tablename,
  $recuid,
  $recpid 
)

DUMMY: Writes to log database table (in some extension classes)

Parameters
int$type‪denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
int$action‪denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
int$error‪flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
int$details_nr‪The message number. Specific for each $type and $action. in the future this will make it possible to translate error messages to other languages
string$details‪Default text that follows the message
array$data‪Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
string$tablename‪Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
int | string$recuid‪Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
int | string$recpid‪Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)

Definition at line 1398 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication().

◆ writeUC()

TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::writeUC (   $variable = '')

This writes $variable to the user-record. This is a way of providing session-data. You can fetch the data again through $this->uc in this class! If $variable is not an array, $this->uc is saved!

Parameters
array | string$variable‪An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default

Definition at line 1120 of file AbstractUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$uc, and TYPO3\CMS\Core\Database\Connection\PARAM_LOB.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC(), TYPO3\CMS\Viewpage\Controller\ViewModuleController\getCurrentLanguage(), TYPO3\CMS\Backend\Controller\ContentElement\ElementHistoryController\prepareDisplaySettings(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\pushModuleData(), TYPO3\CMS\Reports\Controller\ReportController\resetState(), TYPO3\CMS\Workspaces\Controller\Remote\ActionHandler\saveColumnModel(), TYPO3\CMS\Workspaces\Controller\Remote\ActionHandler\saveLanguageSelection(), TYPO3\CMS\Reports\Controller\ReportController\saveState(), TYPO3\CMS\Backend\Controller\Page\TreeController\setTemporaryMountPointAction(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData(), and TYPO3\CMS\Beuser\Controller\BackendUserController\switchUser().

Member Data Documentation

◆ $auth_timeout_field

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$auth_timeout_field = ''

Name for a field to fetch the server session timeout from. If not empty this is a field name from the user table where the timeout can be found.

Definition at line 139 of file AbstractUserAuthentication.php.

◆ $checkPid

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$checkPid = true

If set, the user-record must be stored at the page defined by $checkPid_value

Definition at line 204 of file AbstractUserAuthentication.php.

◆ $checkPid_value

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$checkPid_value = 0

The page id the user record must be stored at

Definition at line 209 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $cookieWasSetOnCurrentRequest

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$cookieWasSetOnCurrentRequest = false
protected

Definition at line 249 of file AbstractUserAuthentication.php.

◆ $dontSetCookie

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$dontSetCookie = false

Will prevent the setting of the session cookie (takes precedence over forceSetCookie)

Definition at line 245 of file AbstractUserAuthentication.php.

◆ $enablecolumns

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$enablecolumns
Initial value:
= array(
'rootLevel' => '',
'disabled' => '',
'starttime' => '',
'endtime' => '',
'deleted' => '',
)

Enable field columns of user table

Definition at line 98 of file AbstractUserAuthentication.php.

◆ $forceSetCookie

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$forceSetCookie = false

Will force the session cookie to be set every time (lifetime must be 0)

Definition at line 240 of file AbstractUserAuthentication.php.

◆ $formfield_status

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$formfield_status = ''

Form field with status: *'login', 'logout'. If empty login is not verified.

Definition at line 124 of file AbstractUserAuthentication.php.

◆ $formfield_uident

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$formfield_uident = ''

Form field with password

Definition at line 119 of file AbstractUserAuthentication.php.

◆ $formfield_uname

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$formfield_uname = ''

Form field with login-name

Definition at line 114 of file AbstractUserAuthentication.php.

◆ $gc_probability

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$gc_probability = 1

Probability for garbage collection to be run (in percent)

Definition at line 161 of file AbstractUserAuthentication.php.

◆ $gc_time

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$gc_time = 86400

GarbageCollection Purge all server session data older than $gc_time seconds. if $this->sessionTimeout > 0, then the session timeout is used instead.

Definition at line 156 of file AbstractUserAuthentication.php.

◆ $hash_length

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$hash_length = 32

The ident-hash is normally 32 characters and should be! But if you are making sites for WAP-devices or other low-bandwidth stuff, you may shorten the length. Never let this value drop below 6! A length of 6 would give you more than 16 mio possibilities.

Definition at line 185 of file AbstractUserAuthentication.php.

◆ $id

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$id

session_id (MD5-hash)

Definition at line 215 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getNewSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionId(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isInWebMount(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\regenerateSessionId(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceAllowAutoCreation().

◆ $ipLocker

IpLocker TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$ipLocker
protected

Definition at line 267 of file AbstractUserAuthentication.php.

◆ $lastLogin_column

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$lastLogin_column = ''

Column name for last login timestamp

Definition at line 93 of file AbstractUserAuthentication.php.

◆ $lifetime

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$lifetime = 0

Lifetime for the session-cookie (on the client)

If >0: permanent cookie with given lifetime If 0: session-cookie Session-cookie means the browser will remove it when the browser is closed.

Definition at line 149 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\__construct().

◆ $loginFailure

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$loginFailure = false

Indicates if an authentication was started but failed

Definition at line 220 of file AbstractUserAuthentication.php.

◆ $loginSessionStarted

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$loginSessionStarted = false

Will be set to TRUE if the login session is actually written during auth-check.

Definition at line 225 of file AbstractUserAuthentication.php.

◆ $loginType

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$loginType = ''

Login type, used for services.

Definition at line 254 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getCookieDomain(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getLoginType(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\processLoginData().

◆ $name

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$name = ''

Session/Cookie name

Definition at line 58 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getRawUserByName().

◆ $newSessionID

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$newSessionID = false

Will be set to TRUE if a new session ID was created

Definition at line 235 of file AbstractUserAuthentication.php.

◆ $sendNoCacheHeaders

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$sendNoCacheHeaders = true

Send no-cache headers

Definition at line 176 of file AbstractUserAuthentication.php.

◆ $sessionBackend

SessionBackendInterface TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$sessionBackend
protected

Definition at line 271 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

◆ $sessionData

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$sessionData = array( )
protected

Holds deserialized data from session records. 'Reserved' keys are:

  • ‪'sys': Reserved for TypoScript standard code.

Definition at line 278 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getModuleData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\performLogoff().

◆ $sessionTimeout

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$sessionTimeout = 0

Session timeout (on the server)

If >0: session-timeout in seconds. If <=0: Instant logout after login.

Definition at line 133 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\__construct(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\fetchUserSession().

◆ $showHiddenRecords

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$showHiddenRecords = false

Definition at line 109 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $svConfig

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$svConfig = array( )

"auth" services configuration array from $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']

Definition at line 259 of file AbstractUserAuthentication.php.

◆ $uc

array TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$uc

Definition at line 263 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writeUC().

◆ $user

array null TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$user

contains user- AND session-data from database (joined tables)

Definition at line 230 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendCheckLogin().

◆ $user_table

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$user_table = ''

Table in database with user data

Definition at line 63 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $usergroup_column

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$usergroup_column = ''

Column for user group information

Definition at line 88 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $usergroup_table

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$usergroup_table = ''

Table in database with user groups

Definition at line 68 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $userid_column

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$userid_column = ''

Column for user-id

Definition at line 83 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getNewSessionRecord().

◆ $userident_column

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$userident_column = ''

Column for password

Definition at line 78 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $username_column

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$username_column = ''

Column for login-name

Definition at line 73 of file AbstractUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\checkAuthentication(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ $warningEmail

string TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$warningEmail = ''

Definition at line 189 of file AbstractUserAuthentication.php.

◆ $warningMax

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$warningMax = 3

The maximum accepted number of warnings before an email to $warningEmail is sent

Definition at line 199 of file AbstractUserAuthentication.php.

◆ $warningPeriod

int TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$warningPeriod = 3600

Time span (in seconds) within the number of failed logins are collected

Definition at line 194 of file AbstractUserAuthentication.php.

◆ $writeAttemptLog

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$writeAttemptLog = false

Log failed login attempts

Definition at line 171 of file AbstractUserAuthentication.php.

◆ $writeStdLog

bool TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::$writeStdLog = false

Decides if the writelog() function is called at login and logout

Definition at line 166 of file AbstractUserAuthentication.php.