TYPO3\CMS\Core\Authentication\AuthenticationService Class Reference

Inheritance diagram for TYPO3\CMS\Core\Authentication\AuthenticationService:

Public Member Functions
bool	processLoginData (array &$loginData, $passwordTransmissionStrategy)
mixed	getUser ()
int	authUser (array $user)
	mimicAuthUser ()
mixed	getGroups ($user, $knownGroups)
	getSubGroups ($grList, $idList, &$groups)
‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractAuthenticationService
	initAuth ($mode, $loginData, $authInfo, $pObj)
	writelog ($type, $action, $error, $details_nr, $details, $data, $tablename='', $recuid='', $recpid='')
mixed	fetchUserRecord ($username, $extraWhere='', $dbUserSetup='')
	init ()
	reset ()
string	getServiceKey ()
string	getServiceTitle ()
mixed	getServiceOption ($optionName, $defaultValue='', $includeDefaultConfig=true)
array	getLastErrorArray ()

Protected Member Functions
	updatePasswordHashInDatabase (string $table, int $uid, string $newPassword)
	writeLogMessage (string $message,... $params)

Additional Inherited Members
‪Public Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractAuthenticationService
AbstractUserAuthentication	$pObj
string	$mode
array	$login = array( )
array	$authInfo = array( )
array	$db_user = array( )
array	$db_groups = array( )
bool	$writeAttemptLog = false
array	$info = array( )

Detailed Description

Authentication services class

Definition at line 32 of file AuthenticationService.php.

Member Function Documentation

authUser()

int TYPO3\CMS\Core\Authentication\AuthenticationService::authUser

(

array

$user

)

Authenticate a user: Check submitted user credentials against stored hashed password, check domain lock if configured.

Returns one of the following status codes: >= 200: User authenticated successfully. No more checking is needed by other auth services. >= 100: User not authenticated; this service is not responsible. Other auth services will be asked.

0: User authenticated successfully. Other auth services will still be asked.

<= 0: Authentication failed, no more checking needed by other auth services.

Parameters

array

$user

‪User data

Returns

‪int Authentication status code, one of 0, 100, 200

Definition at line 101 of file AuthenticationService.php.

getGroups()

mixed TYPO3\CMS\Core\Authentication\AuthenticationService::getGroups	(		$user,
			$knownGroups
	)

Find usergroup records, currently only for frontend

Parameters

array	$user	‪Data of user.
array	$knownGroups	‪Group data array of already known groups. This is handy if you want select other related groups. Keys in this array are unique IDs of those groups.

Returns

‪mixed Groups array, keys = uid which must be unique

Definition at line 219 of file AuthenticationService.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\AuthenticationService\getSubGroups().

getSubGroups()

TYPO3\CMS\Core\Authentication\AuthenticationService::getSubGroups	(		$grList,
			$idList,
		&	$groups
	)

Fetches subgroups of groups. Function is called recursively for each subgroup. Function was previously copied from \TYPO3\CMS\Core\Authentication\BackendUserAuthentication->fetchGroups and has been slightly modified.

Parameters

string	$grList	‪Commalist of fe_groups uid numbers
string	$idList	‪List of already processed fe_groups-uids so the function will not fall into an eternal recursion.
array	$groups

Definition at line 288 of file AuthenticationService.php.

References TYPO3\CMS\Core\Utility\GeneralUtility\intExplode().

Referenced by TYPO3\CMS\Core\Authentication\AuthenticationService\getGroups().

getUser()

mixed TYPO3\CMS\Core\Authentication\AuthenticationService::getUser

(

)

Find a user (eg. look up the user record in database when a login is sent)

Returns

‪mixed User array or FALSE

Definition at line 58 of file AuthenticationService.php.

References TYPO3\CMS\Core\Authentication\AbstractAuthenticationService\fetchUserRecord(), TYPO3\CMS\Core\Authentication\LoginType\LOGIN, and TYPO3\CMS\Core\Authentication\AbstractAuthenticationService\writelog().

mimicAuthUser()

TYPO3\CMS\Core\Authentication\AuthenticationService::mimicAuthUser

(

)

Mimics password hashing for invalid authentication requests to mitigate CWE-208: Observable Timing Discrepancy

Implements TYPO3\CMS\Core\Authentication\MimicServiceInterface.

Definition at line 200 of file AuthenticationService.php.

processLoginData()

bool TYPO3\CMS\Core\Authentication\AuthenticationService::processLoginData	(	array &	$loginData,
			$passwordTransmissionStrategy
	)

Process the submitted credentials. In this case hash the clear text password if it has been submitted.

Parameters

array	$loginData	‪Credentials that are submitted and potentially modified by other services
string	$passwordTransmissionStrategy	‪Keyword of how the password has been hashed or encrypted before submission

Returns

‪bool

Definition at line 42 of file AuthenticationService.php.

updatePasswordHashInDatabase()

TYPO3\CMS\Core\Authentication\AuthenticationService::updatePasswordHashInDatabase ( string  $table, int  $uid, string  $newPassword  )

protected

Method updates a FE/BE user record - in this case a new password string will be set.

Parameters

string	$table	‪Database table of this user, usually 'be_users' or 'fe_users'
int	$uid	‪uid of user record that will be updated
string	$newPassword	‪Field values as key=>value pairs to be updated in database

Definition at line 353 of file AuthenticationService.php.

writeLogMessage()

TYPO3\CMS\Core\Authentication\AuthenticationService::writeLogMessage ( string  $message,   $params  )

protected

Writes log message. Destination log depends on the current system mode.

This function accepts variable number of arguments and can format parameters. The syntax is the same as for sprintf() If a marker ###IP### is present in the message, it is automatically replaced with the REMOTE_ADDR

Parameters

string	$message	‪Message to output
	array<int,mixed>	‪$params

Definition at line 374 of file AuthenticationService.php.