AuthenticationService extends AbstractAuthenticationService implements MimicServiceInterface
Authentication services class
Table of Contents
Interfaces
Properties
- $authInfo : array<string|int, mixed>
- Various data
- $db_user : array<string|int, mixed>
- User db table definition
- $info : array<string|int, mixed>
- $login : array<string|int, mixed>
- Submitted login form data
- $mode : string
- Subtype of the service which is used to call the service.
- $pObj : AbstractUserAuthentication
- User object
- $writeAttemptLog : bool
- If the writelog() functions is called if a login-attempt has be tried without success
Methods
- authUser() : int
- Authenticate a user: Check submitted user credentials against stored hashed password.
- fetchUserRecord() : array<string, mixed>|false
- Get a user from DB by username
- getLastErrorArray() : array<string|int, mixed>
- getServiceKey() : string
- Returns the service key of the service
- getServiceOption() : mixed
- Returns service configuration values from the $TYPO3_CONF_VARS['SVCONF'] array
- getServiceTitle() : string
- Returns the title of the service
- getUser() : array<string, mixed>|false
- Find a user (eg. look up the user record in database when a login is sent)
- init() : bool
- Initialization of the service.
- initAuth() : mixed
- Initialize authentication service
- mimicAuthUser() : bool
- Mimics password hashing for invalid authentication requests to mitigate
- processLoginData() : bool
- Process the submitted credentials.
- reset() : mixed
- Resets the service.
- writelog() : mixed
- Writes to log database table in pObj
- updatePasswordHashInDatabase() : void
- Method updates a FE/BE user record - in this case a new password string will be set.
- writeLogMessage() : void
- Writes log message. Destination log depends on the current system mode.
Properties
$authInfo
Various data
public
array<string|int, mixed>
$authInfo
= []
$db_user
User db table definition
public
array<string|int, mixed>
$db_user
= []
$info
public
array<string|int, mixed>
$info
= []
service description array
$login
Submitted login form data
public
array<string|int, mixed>
$login
= []
$mode
Subtype of the service which is used to call the service.
public
string
$mode
$pObj
User object
public
AbstractUserAuthentication
$pObj
$writeAttemptLog
If the writelog() functions is called if a login-attempt has be tried without success
public
bool
$writeAttemptLog
= false
Methods
authUser()
Authenticate a user: Check submitted user credentials against stored hashed password.
public
authUser(array<string, mixed> $user) : int
Returns one of the following status codes:
= 200: User authenticated successfully. No more checking is needed by other auth services. = 100: User not authenticated; this service is not responsible. Other auth services will be asked. 0: User authenticated successfully. Other auth services will still be asked. <= 0: Authentication failed, no more checking needed by other auth services.
Parameters
- $user : array<string, mixed>
-
User data
Return values
int —Authentication status code, one of 0, 100, 200
fetchUserRecord()
Get a user from DB by username
public
fetchUserRecord(string $username[, string $extraWhere = '' ][, array<string|int, mixed>|string $dbUserSetup = '' ]) : array<string, mixed>|false
Parameters
- $username : string
-
User name
- $extraWhere : string = ''
-
Additional WHERE clause: " AND ...
- $dbUserSetup : array<string|int, mixed>|string = ''
-
User db table definition, or empty string for $this->db_user
Return values
array<string, mixed>|false —User array or FALSE
getLastErrorArray()
public
getLastErrorArray() : array<string|int, mixed>
this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
Return values
array<string|int, mixed>getServiceKey()
Returns the service key of the service
public
getServiceKey() : string
this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
Return values
string —Service key
getServiceOption()
Returns service configuration values from the $TYPO3_CONF_VARS['SVCONF'] array
public
getServiceOption(string $optionName[, mixed $defaultValue = '' ][, bool $includeDefaultConfig = true ]) : mixed
Parameters
- $optionName : string
-
Name of the config option
- $defaultValue : mixed = ''
-
Default configuration if no special config is available
- $includeDefaultConfig : bool = true
-
If set the 'default' config will be returned if no special config for this service is available (default: TRUE)
this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
Return values
mixed —Configuration value for the service
getServiceTitle()
Returns the title of the service
public
getServiceTitle() : string
this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
Return values
string —Service title
getUser()
Find a user (eg. look up the user record in database when a login is sent)
public
getUser() : array<string, mixed>|false
Return values
array<string, mixed>|false —User array or FALSE
init()
Initialization of the service.
public
init() : bool
This is a stub as needed by GeneralUtility::makeInstanceService()
this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
Return values
boolinitAuth()
Initialize authentication service
public
initAuth(string $mode, array<string|int, mixed> $loginData, array<string|int, mixed> $authInfo, AbstractUserAuthentication $pObj) : mixed
Parameters
- $mode : string
-
Subtype of the service which is used to call the service.
- $loginData : array<string|int, mixed>
-
Submitted login form data
- $authInfo : array<string|int, mixed>
-
Information array. Holds submitted form data etc.
- $pObj : AbstractUserAuthentication
-
Parent object
mimicAuthUser()
Mimics password hashing for invalid authentication requests to mitigate
public
mimicAuthUser() : bool
Tags
Return values
bool —whether other services shall continue
processLoginData()
Process the submitted credentials.
public
processLoginData(array<string|int, mixed> &$loginData, string $passwordTransmissionStrategy) : bool
In this case hash the clear text password if it has been submitted.
Parameters
- $loginData : array<string|int, mixed>
-
Credentials that are submitted and potentially modified by other services
- $passwordTransmissionStrategy : string
-
Keyword of how the password has been hashed or encrypted before submission
Return values
boolreset()
Resets the service.
public
reset() : mixed
This is a stub as needed by GeneralUtility::makeInstanceService()
this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
writelog()
Writes to log database table in pObj
public
writelog(int $type, int $action, int $error, int $details_nr, string $details, array<string|int, mixed> $data[, string $tablename = '' ][, int|string $recuid = '' ][, int|string $recpid = '' ]) : mixed
Parameters
- $type : int
-
denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
- $action : int
-
denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
- $error : int
-
flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
- $details_nr : int
-
The message number. Specific for each $type and $action. in the future this will make it possible to translate error messages to other languages
- $details : string
-
Default text that follows the message
- $data : array<string|int, mixed>
-
Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
- $tablename : string = ''
-
Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
- $recuid : int|string = ''
-
Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
- $recpid : int|string = ''
-
Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
updatePasswordHashInDatabase()
Method updates a FE/BE user record - in this case a new password string will be set.
protected
updatePasswordHashInDatabase(string $table, int $uid, string $newPassword) : void
Parameters
- $table : string
-
Database table of this user, usually 'be_users' or 'fe_users'
- $uid : int
-
uid of user record that will be updated
- $newPassword : string
-
Field values as key=>value pairs to be updated in database
writeLogMessage()
Writes log message. Destination log depends on the current system mode.
protected
writeLogMessage(string $message, array<int, mixed> ...$params) : void
This function accepts variable number of arguments and can format parameters. The syntax is the same as for sprintf() If a marker ###IP### is present in the message, it is automatically replaced with the REMOTE_ADDR
Parameters
- $message : string
-
Message to output
- $params : array<int, mixed>