FrontendUserAuthentication extends AbstractUserAuthentication

Extension class for Front End User Authentication.

Table of Contents

Properties

$checkPid  : bool
If set, the user-record must be stored at the page defined by $checkPid_value
$checkPid_value  : int|string
The page id the user record must be stored at, can also hold a comma separated list of pids
$dontSetCookie  : bool
Will prevent the setting of the session cookie (takes precedence over forceSetCookie) Disable cookie by default, will be activated if saveSessionData() is called, a user is logging-in or an existing session is found
$enablecolumns  : array<string|int, mixed>
Enable field columns of user table
$formfield_permanent  : string
form field with 0 or 1 1 = permanent login enabled 0 = session is valid for a browser session only
$formfield_status  : string
Form field with status: *'login', 'logout'. If empty login is not verified.
$formfield_uident  : string
Form field with password
$formfield_uname  : string
Form field with login-name
$groupData  : array<string|int, mixed>
$is_permanent  : bool
$lastLogin_column  : string
Column name for last login timestamp
$loginSessionStarted  : bool
Will be set to TRUE if the login session is actually written during auth-check.
$loginType  : string
Login type, used for services.
$name  : string
Session/Cookie name
$uc  : array<string|int, mixed>
$user  : array<string|int, mixed>|null
$user_table  : string
Table in database with user data
$usergroup_column  : string
Column for user group information
$usergroup_table  : string
Table in database with user groups
$userGroups  : array<string|int, mixed>
This array will hold the groups that the user is a member of
$userid_column  : string
Column for user-id
$userident_column  : string
Column for password
$username_column  : string
Column for login-name
$writeAttemptLog  : bool
Log failed login attempts
$writeStdLog  : bool
Decides if the writelog() function is called at login and logout
$forceSetCookie  : bool
Will force the session cookie to be set every time (lifetime must be 0).
$lifetime  : int
Lifetime for the session-cookie (on the client)
$loginHidden  : bool
$setCookie  : Cookie|null
If set, this cookie will be set to the response.
$TSdataArray  : array<string|int, mixed>
Used to accumulate the TSconfig data of the user
$userData_change  : bool
$userSession  : UserSession|null
$userSessionManager  : UserSessionManager
$userTS  : array<string|int, mixed>

Methods

__construct()  : mixed
Initialize some important variables
__get()  : mixed
__isset()  : bool
__set()  : mixed
__unset()  : void
appendCookieToResponse()  : ResponseInterface
Used to apply a cookie to a PSR-7 Response.
checkAuthentication()  : mixed
Checks if a submission of username and password is present or use other authentication by auth services
createSessionId()  : string
Creates a new session ID.
createUserAspect()  : UserAspect
Initializes the front-end user groups for the context API, based on the user groups and the logged-in state.
createUserSession()  : UserSession
Creates a user session record and returns its values.
enforceNewSessionId()  : mixed
Regenerates the session ID and sets the cookie again.
fetchGroupData()  : mixed
Will select all fe_groups records that the current fe_user is member of.
fetchUserSession()  : array<string|int, mixed>|bool
Read the user session from db.
getAuthInfoArray()  : array<string|int, mixed>
Returns an info array which provides additional information for auth services
getCookieName()  : string
Returns the configured cookie name
getKey()  : mixed
Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)
getLoginFormData()  : array<string|int, mixed>
Returns an info array with Login/Logout data submitted by a form or params
getModuleData()  : mixed
Gets module data for a module (from a loaded ->uc array)
getRawUserByName()  : array<string|int, mixed>
Fetching raw user record with username=$name
getRawUserByUid()  : array<string|int, mixed>
Fetching raw user record with uid=$uid
getSession()  : UserSession
getSessionData()  : mixed
Returns the session data stored for $key.
getUserTSconf()  : array<string|int, mixed>
Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.
hideActiveLogin()  : mixed
Hide the current login
initializeUserSessionManager()  : void
Currently needed for various unit tests, until start() and checkAuthentication() methods are smaller and extracted from this class.
isActiveLogin()  : bool
isCookieSet()  : bool
Returns whether this request is going to set a cookie or a cookie was already found in the system
isMfaSetupRequired()  : bool
Whether the user is required to set up MFA
isRefreshTimeBasedCookie()  : bool
Determine whether a non-session cookie needs to be set (lifetime>0)
isSetSessionCookie()  : bool
Determine whether a session cookie needs to be set (lifetime=0)
logoff()  : mixed
Log out current user! Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!
processLoginData()  : array<string|int, mixed>
Processes Login data submitted by a form or params
pushModuleData()  : mixed
Stores data for a module.
removeCookie()  : mixed
Empty / unset the cookie
removeSessionData()  : mixed
Removes data of the current session.
setAndSaveSessionData()  : mixed
Saves the tokens so that they can be used by a later incarnation of this class.
setBeUserByName()  : mixed
Raw initialization of the be_user with username=$name
setBeUserByUid()  : mixed
Raw initialization of the be_user with uid=$uid This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected.
setKey()  : mixed
Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details.
setSessionData()  : mixed
Set session data by key.
start()  : mixed
Starts a user session Typical configurations will: a) check if session cookie was set and if not, set one, b) check if a password/username was sent and if so, try to authenticate the user c) Lookup a session attached to a user and check timeout etc.
storeSessionData()  : mixed
Will write UC and session data.
unpack_uc()  : mixed
Sets $theUC as the internal variable ->uc IF $theUC is an array.
updateOnlineTimestamp()  : mixed
Update the field "is_online" every 60 seconds of a logged-in user
writelog()  : mixed
DUMMY: Writes to log database table (in some extension classes)
writeUC()  : mixed
This writes $variable to the user-record. This is a way of providing session-data.
evaluateMfaRequirements()  : void
This method checks if the user is authenticated but has not succeeded in passing his MFA challenge. This method can therefore only be used if a user has been authenticated against his first authentication method (username+password or any other authentication token).
fetchValidUserFromSessionOrDestroySession()  : array<string|int, mixed>|null
If the session is bound to a user, this method fetches the user record, and returns it.
getAuthServiceConfiguration()  : array<string|int, mixed>
"auth" services configuration array from $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']
getAuthServices()  : Traversable
Initializes authentication services to be used in a foreach loop
getCookie()  : string
Get the value of a specified cookie.
getCookieDomain()  : string
Gets the domain to be used on setting cookies.
handleLoginFailure()  : void
Implement functionality when there was a failed login
performLogoff()  : mixed
Perform the logoff action. Called from logoff() as a way to allow subclasses to override what happens when a user logs off, without needing to reproduce the hook calls and logging that happens in the public logoff() API method.
regenerateSessionId()  : mixed
Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated.
removeSensitiveLoginDataForLoggingInfo()  : mixed
Removes any sensitive data from the incoming data (either from loginData, processedLogin data or the user record from the DB).
setSessionCookie()  : mixed
Sets the session cookie for the current disposal.
updateLoginTimestamp()  : mixed
Updates the last login column in the user with the given id
userConstraints()  : QueryRestrictionContainerInterface
This returns the restrictions needed to select the user respecting enable columns and flags like deleted, hidden, starttime, endtime and rootLevel

Properties

$checkPid

If set, the user-record must be stored at the page defined by $checkPid_value

public bool $checkPid = true

$checkPid_value

The page id the user record must be stored at, can also hold a comma separated list of pids

public int|string $checkPid_value = 0

$dontSetCookie

Will prevent the setting of the session cookie (takes precedence over forceSetCookie) Disable cookie by default, will be activated if saveSessionData() is called, a user is logging-in or an existing session is found

public bool $dontSetCookie = true

$enablecolumns

Enable field columns of user table

public array<string|int, mixed> $enablecolumns = ['deleted' => 'deleted', 'disabled' => 'disable', 'starttime' => 'starttime', 'endtime' => 'endtime']

$formfield_permanent

form field with 0 or 1 1 = permanent login enabled 0 = session is valid for a browser session only

public string $formfield_permanent = 'permalogin'

$formfield_status

Form field with status: *'login', 'logout'. If empty login is not verified.

public string $formfield_status = 'logintype'

$formfield_uident

Form field with password

public string $formfield_uident = 'pass'

$formfield_uname

Form field with login-name

public string $formfield_uname = 'user'

$groupData

public array<string|int, mixed> $groupData = ['title' => [], 'uid' => [], 'pid' => []]

$is_permanent

public bool $is_permanent = false

$lastLogin_column

Column name for last login timestamp

public string $lastLogin_column = 'lastlogin'

$loginSessionStarted

Will be set to TRUE if the login session is actually written during auth-check.

public bool $loginSessionStarted = false

$loginType

Login type, used for services.

public string $loginType = 'FE'

$name

Session/Cookie name

public string $name = ''

$user

public array<string|int, mixed>|null $user

contains user- AND session-data from database (joined tables)

Internal

$user_table

Table in database with user data

public string $user_table = 'fe_users'

$usergroup_column

Column for user group information

public string $usergroup_column = 'usergroup'

$usergroup_table

Table in database with user groups

public string $usergroup_table = 'fe_groups'

$userGroups

This array will hold the groups that the user is a member of

public array<string|int, mixed> $userGroups = []

$userid_column

Column for user-id

public string $userid_column = 'uid'

$userident_column

Column for password

public string $userident_column = 'password'

$username_column

Column for login-name

public string $username_column = 'username'

$writeAttemptLog

Log failed login attempts

public bool $writeAttemptLog = false

$writeStdLog

Decides if the writelog() function is called at login and logout

public bool $writeStdLog = false

$forceSetCookie

Will force the session cookie to be set every time (lifetime must be 0).

protected bool $forceSetCookie = false

$lifetime

Lifetime for the session-cookie (on the client)

protected int $lifetime = 0

If >0: permanent cookie with given lifetime If 0: session-cookie Session-cookie means the browser will remove it when the browser is closed.

$loginHidden

protected bool $loginHidden = false

$setCookie

If set, this cookie will be set to the response.

protected Cookie|null $setCookie = null

$TSdataArray

Used to accumulate the TSconfig data of the user

protected array<string|int, mixed> $TSdataArray = []

$userData_change

protected bool $userData_change = false

$userSessionManager

protected UserSessionManager $userSessionManager

$userTS

protected array<string|int, mixed> $userTS = []

Methods

__construct()

Initialize some important variables

public __construct() : mixed

__get()

public __get(string $propertyName) : mixed
Parameters
$propertyName : string

__isset()

public __isset(string $propertyName) : bool
Parameters
$propertyName : string
Return values
bool

__set()

public __set(string $propertyName, mixed $propertyValue) : mixed
Parameters
$propertyName : string
$propertyValue : mixed

__unset()

public __unset(string $propertyName) : void
Parameters
$propertyName : string

appendCookieToResponse()

Used to apply a cookie to a PSR-7 Response.

public appendCookieToResponse(ResponseInterface $response) : ResponseInterface
Parameters
$response : ResponseInterface
Return values
ResponseInterface

checkAuthentication()

Checks if a submission of username and password is present or use other authentication by auth services

public checkAuthentication([ServerRequestInterface|null $request = null ]) : mixed
Parameters
$request : ServerRequestInterface|null = null

@todo: Make mandatory in v12.

Internal
Tags
throws
MfaRequiredException

createSessionId()

Creates a new session ID.

public createSessionId() : string
Deprecated

since TYPO3 v11.0, will be removed in TYPO3 v12, is kept because it is used in Testing Framework

Return values
string

The new session ID

createUserAspect()

Initializes the front-end user groups for the context API, based on the user groups and the logged-in state.

public createUserAspect([bool $respectUserGroups = true ]) : UserAspect
Parameters
$respectUserGroups : bool = true

used with the $TSFE->loginAllowedInBranch flag to disable the inclusion of the users' groups

Return values
UserAspect

createUserSession()

Creates a user session record and returns its values.

public createUserSession(array<string|int, mixed> $tempuser) : UserSession

However, as the FE user cookie is normally not set, this has to be done before the parent class is doing the rest.

Parameters
$tempuser : array<string|int, mixed>

User data array

Return values
UserSession

The session data for the newly created session.

enforceNewSessionId()

Regenerates the session ID and sets the cookie again.

public enforceNewSessionId() : mixed
Internal

fetchGroupData()

Will select all fe_groups records that the current fe_user is member of.

public fetchGroupData([ServerRequestInterface|null $request = null ]) : mixed

It also accumulates the TSconfig for the fe_user/fe_groups in ->TSdataArray

Parameters
$request : ServerRequestInterface|null = null

(will become a requirement in v12.0)

fetchUserSession()

Read the user session from db.

public fetchUserSession([bool $skipSessionUpdate = false ]) : array<string|int, mixed>|bool
Deprecated

since TYPO3 v11, will be removed in TYPO3 v12.

Parameters
$skipSessionUpdate : bool = false
Return values
array<string|int, mixed>|bool

User session data, false if $userSession->getIdentifier() does not represent valid session

getAuthInfoArray()

Returns an info array which provides additional information for auth services

public getAuthInfoArray() : array<string|int, mixed>
Internal
Return values
array<string|int, mixed>

getCookieName()

Returns the configured cookie name

public static getCookieName() : string
Return values
string

getKey()

Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)

public getKey(string $type, string $key) : mixed
Parameters
$type : string

Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)

$key : string

Key from the data array to return; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines which key to return the value for.

Tags
see
setKey()
Return values
mixed

Returns whatever value there was in the array for the key, $key

getModuleData()

Gets module data for a module (from a loaded ->uc array)

public getModuleData(string $module[, string $type = '' ]) : mixed
Parameters
$module : string

Is the name of the module ($MCONF['name'])

$type : string = ''

If $type = 'ses' then module data is returned only if it was stored in the current session, otherwise data from a previous session will be returned (if available).

Return values
mixed

The module data if available: $this->uc['moduleData'][$module];

getRawUserByName()

Fetching raw user record with username=$name

public getRawUserByName(string $name) : array<string|int, mixed>
Parameters
$name : string

The username to look up.

Internal
Tags
see
AbstractUserAuthentication::getUserByUid()
Return values
array<string|int, mixed>

user record or FALSE

getRawUserByUid()

Fetching raw user record with uid=$uid

public getRawUserByUid(int $uid) : array<string|int, mixed>
Parameters
$uid : int

The UID of the backend user to set in ->user

Internal
Return values
array<string|int, mixed>

user record or FALSE

getSessionData()

Returns the session data stored for $key.

public getSessionData(string $key) : mixed

The data will last only for this login session since it is stored in the user session.

Parameters
$key : string

The key associated with the session data

getUserTSconf()

Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.

public getUserTSconf() : array<string|int, mixed>
Return values
array<string|int, mixed>

TSconfig array for the fe_user

hideActiveLogin()

Hide the current login

public hideActiveLogin() : mixed

This is used by the fe_login_mode feature for pages. A current login is unset, but we remember that there has been one.

initializeUserSessionManager()

Currently needed for various unit tests, until start() and checkAuthentication() methods are smaller and extracted from this class.

public initializeUserSessionManager([UserSessionManager|null $userSessionManager = null ]) : void
Parameters
$userSessionManager : UserSessionManager|null = null
Internal

isActiveLogin()

public isActiveLogin(ServerRequestInterface $request) : bool
Parameters
$request : ServerRequestInterface
Return values
bool

isCookieSet()

Returns whether this request is going to set a cookie or a cookie was already found in the system

public isCookieSet() : bool
Return values
bool

Returns TRUE if a cookie is set

isMfaSetupRequired()

Whether the user is required to set up MFA

public isMfaSetupRequired() : bool
Internal
Return values
bool

isRefreshTimeBasedCookie()

Determine whether a non-session cookie needs to be set (lifetime>0)

public isRefreshTimeBasedCookie() : bool
Internal
Return values
bool

isSetSessionCookie()

Determine whether a session cookie needs to be set (lifetime=0)

public isSetSessionCookie() : bool
Internal
Return values
bool

logoff()

Log out current user! Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!

public logoff() : mixed

processLoginData()

Processes Login data submitted by a form or params

public processLoginData(array<string|int, mixed> $loginData) : array<string|int, mixed>
Parameters
$loginData : array<string|int, mixed>

Login data array

Internal
Return values
array<string|int, mixed>

pushModuleData()

Stores data for a module.

public pushModuleData(string $module, mixed $data[, bool|int $noSave = 0 ]) : mixed

The data is stored with the session id so you can even check upon retrieval if the module data is from a previous session or from the current session.

Parameters
$module : string

Is the name of the module ($MCONF['name'])

$data : mixed

Is the data you want to store for that module (array, string, ...)

$noSave : bool|int = 0

If $noSave is set, then the ->uc array (which carries all kinds of user data) is NOT written immediately, but must be written by some subsequent call.

removeCookie()

Empty / unset the cookie

public removeCookie([string|null $cookieName = null ]) : mixed
Parameters
$cookieName : string|null = null

usually, this is $this->name

removeSessionData()

Removes data of the current session.

public removeSessionData() : mixed

setAndSaveSessionData()

Saves the tokens so that they can be used by a later incarnation of this class.

public setAndSaveSessionData(string $key, mixed $data) : mixed
Parameters
$key : string
$data : mixed

setBeUserByUid()

Raw initialization of the be_user with uid=$uid This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected.

public setBeUserByUid(int $uid) : mixed

Thus the BE_USER object will appear like if a user was authenticated - however without a session id and the fields from the session table of course. Will check the users for disabled, start/endtime, etc. ($this->user_where_clause())

Parameters
$uid : int

The UID of the backend user to set in ->user

Internal

setKey()

Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details.

public setKey(string $type, string $key, mixed $data) : mixed

When a value is set the flag $this->userData_change will be set so that the final call to ->storeSessionData() will know if a change has occurred and needs to be saved to the database. Notice: Simply calling this function will not save the data to the database! The actual saving is done in storeSessionData() which is called as some of the last things in \TYPO3\CMS\Frontend\Http\RequestHandler. So if you exit before this point, nothing gets saved of course! And the solution is to call $GLOBALS['TSFE']->storeSessionData(); before you exit.

Parameters
$type : string

Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)

$key : string

Key from the data array to store incoming data in; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines in which key the $data value will be stored.

$data : mixed

The data value to store in $key

Tags
see
setKey()
see
storeSessionData()

setSessionData()

Set session data by key.

public setSessionData(string $key, mixed $data) : mixed

The data will last only for this login session since it is stored in the user session.

Parameters
$key : string

A non empty string to store the data under

$data : mixed

Data store store in session

start()

Starts a user session Typical configurations will: a) check if session cookie was set and if not, set one, b) check if a password/username was sent and if so, try to authenticate the user c) Lookup a session attached to a user and check timeout etc.

public start([ServerRequestInterface|null $request = null ]) : mixed

d) Garbage collection, setting of no-cache headers. If a user is authenticated the database record of the user (array) will be set in the ->user internal variable.

Parameters
$request : ServerRequestInterface|null = null

@todo: Make mandatory in v12.

storeSessionData()

Will write UC and session data.

public storeSessionData() : mixed

If the flag $this->userData_change has been set, the function ->writeUC is called (which will save persistent user session data)

Tags
see
getKey()
see
setKey()

unpack_uc()

Sets $theUC as the internal variable ->uc IF $theUC is an array.

public unpack_uc([mixed $theUC = '' ]) : mixed

If $theUC is FALSE, the 'uc' content from the ->user array will be unserialized and restored in ->uc

Parameters
$theUC : mixed = ''

If an array, then set as ->uc, otherwise load from user record @deprecated will be removed in TYPO3 v12.0.

updateOnlineTimestamp()

Update the field "is_online" every 60 seconds of a logged-in user

public updateOnlineTimestamp() : mixed
Internal

writelog()

DUMMY: Writes to log database table (in some extension classes)

public writelog(int $type, int $action, int $error, int $details_nr, string $details, array<string|int, mixed> $data, string $tablename, int|string $recuid, int|string $recpid) : mixed
Parameters
$type : int

denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent

$action : int

denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)

$error : int

flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)

$details_nr : int

The message number. Specific for each $type and $action. in the future this will make it possible to translate error messages to other languages

$details : string

Default text that follows the message

$data : array<string|int, mixed>

Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...

$tablename : string

Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)

$recuid : int|string

Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)

$recpid : int|string

Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)

writeUC()

This writes $variable to the user-record. This is a way of providing session-data.

public writeUC([array<string|int, mixed>|string $variable = '' ]) : mixed

You can fetch the data again through $this->uc in this class! If $variable is not an array, $this->uc is saved!

Parameters
$variable : array<string|int, mixed>|string = ''

An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default @deprecated will be removed in TYPO3 v12.0.

evaluateMfaRequirements()

This method checks if the user is authenticated but has not succeeded in passing his MFA challenge. This method can therefore only be used if a user has been authenticated against his first authentication method (username+password or any other authentication token).

protected evaluateMfaRequirements() : void
Internal
Tags
throws
MfaRequiredException

fetchValidUserFromSessionOrDestroySession()

If the session is bound to a user, this method fetches the user record, and returns it.

protected fetchValidUserFromSessionOrDestroySession([bool $skipSessionUpdate = false ]) : array<string|int, mixed>|null

If the session has a timeout, the session date is extended if needed. Also the ìs_online flag is updated for the user.

However, if the session has expired the session is removed and the request is treated as an anonymous session.

Parameters
$skipSessionUpdate : bool = false
Return values
array<string|int, mixed>|null

getAuthServiceConfiguration()

"auth" services configuration array from $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']

protected getAuthServiceConfiguration() : array<string|int, mixed>
Return values
array<string|int, mixed>

getAuthServices()

Initializes authentication services to be used in a foreach loop

protected getAuthServices(string $subType, array<string|int, mixed> $loginData, array<string|int, mixed> $authInfo) : Traversable
Parameters
$subType : string

e.g. getUserFE

$loginData : array<string|int, mixed>
$authInfo : array<string|int, mixed>
Return values
Traversable

A generator of service objects

getCookie()

Get the value of a specified cookie.

protected getCookie(string $cookieName) : string
Parameters
$cookieName : string

The cookie ID

Return values
string

The value stored in the cookie

getCookieDomain()

Gets the domain to be used on setting cookies.

protected getCookieDomain() : string

The information is taken from the value in $GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'].

Return values
string

The domain to be used on setting cookies

handleLoginFailure()

Implement functionality when there was a failed login

protected handleLoginFailure() : void

performLogoff()

Perform the logoff action. Called from logoff() as a way to allow subclasses to override what happens when a user logs off, without needing to reproduce the hook calls and logging that happens in the public logoff() API method.

protected performLogoff() : mixed

regenerateSessionId()

Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated.

protected regenerateSessionId() : mixed

Forces cookie to be set

removeSensitiveLoginDataForLoggingInfo()

Removes any sensitive data from the incoming data (either from loginData, processedLogin data or the user record from the DB).

protected removeSensitiveLoginDataForLoggingInfo(mixed|array<string|int, mixed> $data[, bool $isUserRecord = false ]) : mixed

No type hinting is added because it might be possible that the incoming data is of any other type.

Parameters
$data : mixed|array<string|int, mixed>
$isUserRecord : bool = false

setSessionCookie()

Sets the session cookie for the current disposal.

protected setSessionCookie() : mixed

updateLoginTimestamp()

Updates the last login column in the user with the given id

protected updateLoginTimestamp(int $userId) : mixed
Parameters
$userId : int 

        

        
    




    

    

                            

            

                            
    

        On this page

        
    


            

                    

        

    

        

            
Search results