‪TYPO3CMS  10.4
BackendUserAuthenticator.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
20 use Psr\Http\Message\ResponseInterface;
21 use Psr\Http\Message\ServerRequestInterface;
22 use Psr\Http\Server\RequestHandlerInterface;
29 
39 {
47  public function ‪process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
48  {
49  // Initializing a possible logged-in Backend User
50  // If the backend cookie is set,
51  // we proceed and check if a backend user is logged in.
52  $backendUserObject = null;
53  if (isset($request->getCookieParams()[‪BackendUserAuthentication::getCookieName()])) {
54  $backendUserObject = $this->‪initializeBackendUser($request);
55  }
56  ‪$GLOBALS['BE_USER'] = $backendUserObject;
57  // Load specific dependencies which are necessary for a valid Backend User
58  // like $GLOBALS['LANG'] for labels in the language of the BE User, the router, and ext_tables.php for all modules
59  // So things like Frontend Editing and Admin Panel can use this for generating links to the TYPO3 Backend.
60  if (‪$GLOBALS['BE_USER'] instanceof ‪FrontendBackendUserAuthentication) {
63  $this->‪setBackendUserAspect(‪$GLOBALS['BE_USER']);
64  }
65 
66  $response = $handler->handle($request);
67 
68  // If, when building the response, the user is still available, then ensure that the headers are sent properly
69  if ($this->context->getAspect('backend.user')->isLoggedIn()) {
70  return $this->‪applyHeadersToResponse($response);
71  }
72  return $response;
73  }
74 
82  protected function ‪initializeBackendUser(ServerRequestInterface $request)
83  {
84  // New backend user object
85  $backendUserObject = GeneralUtility::makeInstance(FrontendBackendUserAuthentication::class);
86  $backendUserObject->start();
87  $backendUserObject->unpack_uc();
88  if (!empty($backendUserObject->user['uid'])) {
89  $this->‪setBackendUserAspect($backendUserObject, (int)$backendUserObject->user['workspace_id']);
90  $backendUserObject->fetchGroupData();
91  }
92  // Unset the user initialization if any setting / restriction applies
93  if (!$this->‪isAuthenticated($backendUserObject, $request->getAttribute('normalizedParams'))) {
94  $backendUserObject = null;
95  $this->‪setBackendUserAspect(null);
96  }
97  return $backendUserObject;
98  }
99 
108  {
109  // Check IP
110  $ipMask = trim(‪$GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'] ?? '');
111  if ($ipMask && !GeneralUtility::cmpIP($normalizedParams->‪getRemoteAddress(), $ipMask)) {
112  return false;
113  }
114  // Check SSL (https)
115  if ((bool)‪$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] && !$normalizedParams->‪isHttps()) {
116  return false;
117  }
118  return $user->‪backendCheckLogin();
119  }
120 }
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator
Definition: BackendUserAuthenticator.php:39
‪TYPO3\CMS\Backend\FrontendBackendUserAuthentication
Definition: FrontendBackendUserAuthentication.php:31
‪TYPO3\CMS\Core\Middleware\BackendUserAuthenticator\setBackendUserAspect
‪setBackendUserAspect(?BackendUserAuthentication $user, int $alternativeWorkspaceId=null)
Definition: BackendUserAuthenticator.php:94
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\initializeBackendUser
‪FrontendBackendUserAuthentication null initializeBackendUser(ServerRequestInterface $request)
Definition: BackendUserAuthenticator.php:82
‪TYPO3\CMS\Core\Localization\LanguageService\createFromUserPreferences
‪static createFromUserPreferences(?AbstractUserAuthentication $user)
Definition: LanguageService.php:435
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getCookieName
‪static string getCookieName()
Definition: BackendUserAuthentication.php:2462
‪TYPO3\CMS\Core\Http\NormalizedParams\getRemoteAddress
‪string getRemoteAddress()
Definition: NormalizedParams.php:413
‪TYPO3\CMS\Frontend\Middleware
Definition: BackendUserAuthenticator.php:18
‪TYPO3\CMS\Core\Middleware\BackendUserAuthenticator
Definition: BackendUserAuthenticator.php:49
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\isAuthenticated
‪bool isAuthenticated(FrontendBackendUserAuthentication $user, NormalizedParams $normalizedParams)
Definition: BackendUserAuthenticator.php:107
‪TYPO3\CMS\Core\Middleware\BackendUserAuthenticator\applyHeadersToResponse
‪ResponseInterface applyHeadersToResponse(ResponseInterface $response)
Definition: BackendUserAuthenticator.php:73
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:62
‪TYPO3\CMS\Core\Http\NormalizedParams\isHttps
‪bool isHttps()
Definition: NormalizedParams.php:333
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\process
‪ResponseInterface process(ServerRequestInterface $request, RequestHandlerInterface $handler)
Definition: BackendUserAuthenticator.php:47
‪TYPO3\CMS\Backend\FrontendBackendUserAuthentication\backendCheckLogin
‪bool backendCheckLogin($proceedIfNoUserIsLoggedIn=false)
Definition: FrontendBackendUserAuthentication.php:70
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Core\Core\Bootstrap
Definition: Bootstrap.php:66
‪TYPO3\CMS\Core\Core\Bootstrap\loadExtTables
‪static loadExtTables(bool $allowCaching=true)
Definition: Bootstrap.php:546
‪TYPO3\CMS\Core\Localization\LanguageService
Definition: LanguageService.php:42
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:46
‪TYPO3\CMS\Core\Http\NormalizedParams
Definition: NormalizedParams.php:35