PasswordRecoveryController extends AbstractLoginFormController

A multi action controller. This is by far the most common base class for Controllers.

Internal

this is a concrete TYPO3 implementation and solely used for EXT:felogin and not part of TYPO3's Core API.

Table of Contents

Properties

$actionMethodName  : string
Name of the action method
$arguments  : Arguments
$configurationManager  : ConfigurationManagerInterface
$controllerContext  : ControllerContext
$defaultViewObjectName  : string
The default view object to use if none of the resolved views can render a response for the current request.
$errorMethodName  : string
Name of the special error action method which is called in case of errors
$eventDispatcher  : EventDispatcherInterface
$hashService  : HashService
$mvcPropertyMappingConfigurationService  : MvcPropertyMappingConfigurationService
$objectManager  : ObjectManagerInterface
$recoveryService  : RecoveryServiceInterface
$reflectionService  : ReflectionService
$request  : Request
The current request.
$responseFactory  : ResponseFactoryInterface
$settings  : array<string|int, mixed>
Contains the settings of the current extension
$signalSlotDispatcher  : Dispatcher
$streamFactory  : StreamFactoryInterface
$uriBuilder  : UriBuilder
$userRepository  : FrontendUserRepository
$validatorResolver  : ValidatorResolver
$view  : ViewInterface
The current view, as resolved by resolveView()

Methods

__construct()  : mixed
addFlashMessage()  : mixed
Creates a Message object and adds it to the FlashMessageQueue.
changePasswordAction()  : ResponseInterface|string|ForwardResponse|null
Change actual password. Hash $newPass and update the user with the corresponding $hash.
forward()  : never
Forwards the request to another action and / or controller.
getControllerContext()  : ControllerContext
initializeControllerArgumentsBaseValidators()  : mixed
Collects the base validators which were defined for the data type of each controller argument and adds them to the argument's validator chain.
injectConfigurationManager()  : mixed
injectEventDispatcher()  : void
injectHashService()  : mixed
injectInternalExtensionService()  : void
injectInternalFlashMessageService()  : void
injectMvcPropertyMappingConfigurationService()  : mixed
injectObjectManager()  : mixed
Injects the object manager
injectPropertyMapper()  : void
injectReflectionService()  : mixed
injectResponseFactory()  : mixed
injectSignalSlotDispatcher()  : mixed
injectStreamFactory()  : mixed
injectValidatorResolver()  : mixed
injectViewResolver()  : mixed
processRequest()  : ResponseInterface
Handles an incoming request and returns a response object
recoveryAction()  : ResponseInterface|void
Shows the recovery form. If $userIdentifier is set an email will be sent, if the corresponding user exists
showChangePasswordAction()  : ResponseInterface
Show the change password form if a valid hash is available.
throwStatus()  : never
Sends the specified HTTP status immediately and only stops to run back through the middleware stack.
validateHashAndPasswords()  : mixed
Validate entered password and passwordRepeat values. If they are invalid a forward() to showChangePasswordAction() takes place. All validation errors are put into the request mapping results.
addBaseUriIfNecessary()  : string
Adds the base uri if not already in place.
addErrorFlashMessage()  : mixed
If an error occurred during this request, this adds a flash message describing the error to the flash message container.
buildControllerContext()  : ControllerContext
Initialize the controller context
callActionMethod()  : ResponseInterface
Calls the specified action method and passes the arguments.
errorAction()  : ResponseInterface
A special action which is called if the originally intended action could not be called, for example if the arguments were not valid.
exposeNoneExistentUser()  : bool
Returns whether the `exposeNonexistentUserInForgotPasswordDialog` setting is active or not
forwardToReferringRequest()  : ResponseInterface|null
If information on the request before the current request was sent, this method forwards back to the originating request. This effectively ends processing of the current request, so do not call this method before you have finished the necessary business logic!
getErrorFlashMessage()  : string|bool
A template method for displaying custom error flash messages, or to display no flash message at all on errors. Override this to customize the flash message in your action controller.
getFlashMessageQueue()  : FlashMessageQueue
todo: As soon as the incoming request contains the compiled plugin namespace, extbase will offer a trait to create a flash message identifier from the current request. Users then should inject the flash message service themselves if needed.
getFlattenedValidationErrorMessage()  : string
Returns a string with a basic error message about validation failure.
getSignedStorageFolders()  : string
getStorageFolders()  : array<string|int, mixed>
Returns the parsed storagePid list including recursions
getTranslation()  : string
Wrapper to mock LocalizationUtility::translate
getViewProperty()  : array<string|int, mixed>
Handles the path resolving for *rootPath(s)
hasValidHash()  : bool
Validates that $hash is in the expected format (timestamp|forgot_hash)
htmlResponse()  : ResponseInterface
Returns a response object with either the given html string or the current rendered view as content.
initializeAction()  : mixed
Initializes the controller before invoking an action method.
initializeActionMethodArguments()  : mixed
Implementation of the arguments initialization in the action controller: Automatically registers arguments of the current action
initializeActionMethodValidators()  : mixed
Adds the needed validators to the Arguments:
initializeView()  : mixed
Initializes the view before invoking an action method.
invalidateUserSessions()  : void
Invalidate all frontend user sessions by given user id
jsonResponse()  : ResponseInterface
Returns a response object with either the given json string or the current rendered view as content. Mainly to be used for actions / controllers using the JsonView.
mapRequestArgumentsToControllerArguments()  : mixed
Maps arguments delivered by the request object to the local controller arguments.
notifyPasswordChange()  : ForwardResponse|string
redirect()  : never
Redirects the request to another action and / or controller.
redirectToUri()  : never
Redirects the web request to another uri.
renderAssetsForRequest()  : mixed
Method which initializes assets that should be attached to the response for the given $request, which contains parameters that an override can use to determine which assets to add via PageRenderer.
resolveActionMethodName()  : string
Resolves and checks the current action method name
resolveView()  : ViewInterface
Prepares a view for the current action.
setViewConfiguration()  : mixed
shallEnforceLoginSigning()  : bool
validateIfHashHasExpired()  : mixed
Validate hash and make sure it's not expired. If it is not in the correct format or not set at all, a redirect to recoveryAction() is made, without further information.
validateNewPassword()  : void

Properties

$actionMethodName

Name of the action method

protected string $actionMethodName = 'indexAction'
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$controllerContext

Deprecated

since v11, will be removed with v12.

protected ControllerContext $controllerContext
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$defaultViewObjectName

The default view object to use if none of the resolved views can render a response for the current request.

protected string $defaultViewObjectName = \TYPO3\CMS\Fluid\View\TemplateView::class

$errorMethodName

Name of the special error action method which is called in case of errors

protected string $errorMethodName = 'errorAction'

$eventDispatcher

protected EventDispatcherInterface $eventDispatcher

$hashService

protected HashService $hashService
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$objectManager

Deprecated

since v11, will be removed in v12

protected ObjectManagerInterface $objectManager
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$reflectionService

protected ReflectionService $reflectionService
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$request

The current request.

protected Request $request
Tags
todo

v12: Change @var to RequestInterface, when RequestInterface extends ServerRequestInterface

$responseFactory

protected ResponseFactoryInterface $responseFactory

$settings

Contains the settings of the current extension

protected array<string|int, mixed> $settings

$signalSlotDispatcher

protected Dispatcher $signalSlotDispatcher
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$streamFactory

protected StreamFactoryInterface $streamFactory

$validatorResolver

protected ValidatorResolver $validatorResolver
Internal

only to be used within Extbase, not part of TYPO3 Core API.

$view

The current view, as resolved by resolveView()

protected ViewInterface $view
Tags
todo

v12: Change signature to TYPO3Fluid\Fluid\View\ViewInterface when extbase ViewInterface is dropped.

Methods

addFlashMessage()

Creates a Message object and adds it to the FlashMessageQueue.

public addFlashMessage(string $messageBody[, string $messageTitle = '' ][, int $severity = AbstractMessage::OK ][, bool $storeInSession = true ]) : mixed
Parameters
$messageBody : string

The message

$messageTitle : string = ''

Optional message title

$severity : int = AbstractMessage::OK

Optional severity, must be one of \TYPO3\CMS\Core\Messaging\FlashMessage constants

$storeInSession : bool = true

Optional, defines whether the message should be stored in the session (default) or not

Tags
throws
InvalidArgumentException

if the message body is no string

see
FlashMessage

forward()

Forwards the request to another action and / or controller.

public forward(string|null $actionName[, string|null $controllerName = null ][, string|null $extensionName = null ][, array<string|int, mixed>|null $arguments = null ]) : never
Deprecated

since TYPO3 11.0, will be removed in 12.0

Request is directly transferred to the other action / controller without the need for a new request.

Parameters
$actionName : string|null

Name of the action to forward to

$controllerName : string|null = null

Unqualified object name of the controller to forward to. If not specified, the current controller is used.

$extensionName : string|null = null

Name of the extension containing the controller to forward to. If not specified, the current extension is assumed.

$arguments : array<string|int, mixed>|null = null

Arguments to pass to the target action

Tags
throws
StopActionException
see
redirect()
Return values
never

initializeControllerArgumentsBaseValidators()

Collects the base validators which were defined for the data type of each controller argument and adds them to the argument's validator chain.

public initializeControllerArgumentsBaseValidators() : mixed
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectEventDispatcher()

public injectEventDispatcher(EventDispatcherInterface $eventDispatcher) : void
Parameters
$eventDispatcher : EventDispatcherInterface

injectHashService()

public injectHashService(HashService $hashService) : mixed
Parameters
$hashService : HashService
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectInternalExtensionService()

public final injectInternalExtensionService(ExtensionService $extensionService) : void
Parameters
$extensionService : ExtensionService
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectInternalFlashMessageService()

public final injectInternalFlashMessageService(FlashMessageService $flashMessageService) : void
Parameters
$flashMessageService : FlashMessageService
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectObjectManager()

Injects the object manager

public injectObjectManager(ObjectManagerInterface $objectManager) : mixed
Deprecated

since v11, will be removed in v12

Parameters
$objectManager : ObjectManagerInterface
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectPropertyMapper()

public injectPropertyMapper(PropertyMapper $propertyMapper) : void
Parameters
$propertyMapper : PropertyMapper
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectReflectionService()

public injectReflectionService(ReflectionService $reflectionService) : mixed
Parameters
$reflectionService : ReflectionService
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectResponseFactory()

public final injectResponseFactory(ResponseFactoryInterface $responseFactory) : mixed
Parameters
$responseFactory : ResponseFactoryInterface

injectSignalSlotDispatcher()

public injectSignalSlotDispatcher(Dispatcher $signalSlotDispatcher) : mixed
Deprecated

since v11, will be removed in v12

Parameters
$signalSlotDispatcher : Dispatcher
Internal

only to be used within Extbase, not part of TYPO3 Core API.

injectStreamFactory()

public final injectStreamFactory(StreamFactoryInterface $streamFactory) : mixed
Parameters
$streamFactory : StreamFactoryInterface

injectValidatorResolver()

public injectValidatorResolver(ValidatorResolver $validatorResolver) : mixed
Parameters
$validatorResolver : ValidatorResolver
Internal

only to be used within Extbase, not part of TYPO3 Core API.

processRequest()

Handles an incoming request and returns a response object

public processRequest(RequestInterface $request) : ResponseInterface
Parameters
$request : RequestInterface

The request object

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
ResponseInterface

recoveryAction()

Shows the recovery form. If $userIdentifier is set an email will be sent, if the corresponding user exists

public recoveryAction([string|null $userIdentifier = null ]) : ResponseInterface|void
Parameters
$userIdentifier : string|null = null
Tags
throws
StopActionException
throws
InvalidConfigurationTypeException
Return values
ResponseInterface|void

showChangePasswordAction()

Show the change password form if a valid hash is available.

public showChangePasswordAction([string $hash = '' ]) : ResponseInterface
Parameters
$hash : string = ''
Return values
ResponseInterface

throwStatus()

Sends the specified HTTP status immediately and only stops to run back through the middleware stack.

public throwStatus(int $statusCode[, string $statusMessage = null ][, string $content = null ]) : never

Note: If any other plugin or content or hook is used within a frontend request, this is skipped by design.

Parameters
$statusCode : int

The HTTP status code

$statusMessage : string = null

A custom HTTP status message

$content : string = null

Body content which further explains the status

Tags
throws
PropagateResponseException
Return values
never

validateHashAndPasswords()

Validate entered password and passwordRepeat values. If they are invalid a forward() to showChangePasswordAction() takes place. All validation errors are put into the request mapping results.

public validateHashAndPasswords() : mixed

Used validators are configured via TypoScript settings.

Tags
throws
NoSuchArgumentException
throws
StopActionException
todo:

Refactor all password checks to validators

addBaseUriIfNecessary()

Adds the base uri if not already in place.

protected addBaseUriIfNecessary(string $uri) : string
Parameters
$uri : string

The URI

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
string

addErrorFlashMessage()

If an error occurred during this request, this adds a flash message describing the error to the flash message container.

protected addErrorFlashMessage() : mixed
Internal

only to be used within Extbase, not part of TYPO3 Core API.

buildControllerContext()

Initialize the controller context

protected buildControllerContext() : ControllerContext
Deprecated

since v11, will be removed with v12.

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
ControllerContext

ControllerContext to be passed to the view

callActionMethod()

Calls the specified action method and passes the arguments.

protected callActionMethod(RequestInterface $request) : ResponseInterface

If the action returns a string, it is appended to the content in the response object. If the action doesn't return anything and a valid view exists, the view is rendered automatically.

Parameters
$request : RequestInterface
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
ResponseInterface

errorAction()

A special action which is called if the originally intended action could not be called, for example if the arguments were not valid.

protected errorAction() : ResponseInterface

The default implementation sets a flash message, request errors and forwards back to the originating action. This is suitable for most actions dealing with form input.

We clear the page cache by default on an error as well, as we need to make sure the data is re-evaluated when the user changes something.

Return values
ResponseInterface

exposeNoneExistentUser()

Returns whether the `exposeNonexistentUserInForgotPasswordDialog` setting is active or not

protected exposeNoneExistentUser(string|null $email) : bool
Parameters
$email : string|null
Return values
bool

forwardToReferringRequest()

If information on the request before the current request was sent, this method forwards back to the originating request. This effectively ends processing of the current request, so do not call this method before you have finished the necessary business logic!

protected forwardToReferringRequest() : ResponseInterface|null
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
ResponseInterface|null

getErrorFlashMessage()

A template method for displaying custom error flash messages, or to display no flash message at all on errors. Override this to customize the flash message in your action controller.

protected getErrorFlashMessage() : string|bool
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
string|bool

The flash message or FALSE if no flash message should be set

getFlashMessageQueue()

todo: As soon as the incoming request contains the compiled plugin namespace, extbase will offer a trait to create a flash message identifier from the current request. Users then should inject the flash message service themselves if needed.

protected getFlashMessageQueue([string|null $identifier = null ]) : FlashMessageQueue
Parameters
$identifier : string|null = null
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
FlashMessageQueue

getFlattenedValidationErrorMessage()

Returns a string with a basic error message about validation failure.

protected getFlattenedValidationErrorMessage() : string

We may add all validation error messages to a log file in the future, but for security reasons (@see #54074) we do not return these here.

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
string

getSignedStorageFolders()

protected getSignedStorageFolders() : string
Return values
string

getStorageFolders()

Returns the parsed storagePid list including recursions

protected getStorageFolders() : array<string|int, mixed>
Return values
array<string|int, mixed>

getTranslation()

Wrapper to mock LocalizationUtility::translate

protected getTranslation(string $key) : string
Parameters
$key : string
Return values
string

getViewProperty()

Handles the path resolving for *rootPath(s)

protected getViewProperty(array<string|int, mixed> $extbaseFrameworkConfiguration, string $setting) : array<string|int, mixed>

numerical arrays get ordered by key ascending

Parameters
$extbaseFrameworkConfiguration : array<string|int, mixed>
$setting : string

parameter name from TypoScript

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Return values
array<string|int, mixed>

hasValidHash()

Validates that $hash is in the expected format (timestamp|forgot_hash)

protected hasValidHash(string $hash) : bool
Parameters
$hash : string
Return values
bool

htmlResponse()

Returns a response object with either the given html string or the current rendered view as content.

protected htmlResponse([string|null $html = null ]) : ResponseInterface
Parameters
$html : string|null = null
Return values
ResponseInterface

initializeAction()

Initializes the controller before invoking an action method.

protected initializeAction() : mixed

Override this method to solve tasks which all actions have in common.

initializeActionMethodArguments()

Implementation of the arguments initialization in the action controller: Automatically registers arguments of the current action

protected initializeActionMethodArguments() : mixed

Don't override this method - use initializeAction() instead.

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Tags
throws
InvalidArgumentTypeException
see
initializeArguments()

initializeActionMethodValidators()

Adds the needed validators to the Arguments:

protected initializeActionMethodValidators() : mixed
  • Validators checking the data type from the @param annotation
  • Custom validators specified with validate annotations.
  • Model-based validators (validate annotations in the model)
  • Custom model validator classes
Internal

only to be used within Extbase, not part of TYPO3 Core API.

initializeView()

Initializes the view before invoking an action method.

protected initializeView(ViewInterface $view) : mixed
Deprecated

since v11, will be removed in v12: Drop method along with extbase ViewInterface.

Override this method to solve assign variables common for all actions or prepare the view in another way before the action is called.

Parameters
$view : ViewInterface

The view to be initialized

invalidateUserSessions()

Invalidate all frontend user sessions by given user id

protected invalidateUserSessions(int $userId) : void
Parameters
$userId : int

jsonResponse()

Returns a response object with either the given json string or the current rendered view as content. Mainly to be used for actions / controllers using the JsonView.

protected jsonResponse([string|null $json = null ]) : ResponseInterface
Parameters
$json : string|null = null
Return values
ResponseInterface

mapRequestArgumentsToControllerArguments()

Maps arguments delivered by the request object to the local controller arguments.

protected mapRequestArgumentsToControllerArguments() : mixed
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Tags
throws
RequiredArgumentMissingException

notifyPasswordChange()

protected notifyPasswordChange(string $newPassword, string $hashedPassword, string $hash) : ForwardResponse|string
Parameters
$newPassword : string

Unencrypted new password

$hashedPassword : string

New password hash passed as reference

$hash : string

Forgot password hash

Return values
ForwardResponse|string

redirect()

Redirects the request to another action and / or controller.

protected redirect(string|null $actionName[, string|null $controllerName = null ][, string|null $extensionName = null ][, array<string|int, mixed>|null $arguments = null ][, int|null $pageUid = null ][, null $_ = null ][, int $statusCode = 303 ]) : never

Redirect will be sent to the client which then performs another request to the new URI.

Parameters
$actionName : string|null

Name of the action to forward to

$controllerName : string|null = null

Unqualified object name of the controller to forward to. If not specified, the current controller is used.

$extensionName : string|null = null

Name of the extension containing the controller to forward to. If not specified, the current extension is assumed.

$arguments : array<string|int, mixed>|null = null

Arguments to pass to the target action

$pageUid : int|null = null

Target page uid. If NULL, the current page uid is used

$_ : null = null

(optional) Unused

$statusCode : int = 303

(optional) The HTTP status code for the redirect. Default is "303 See Other

Tags
throws
StopActionException

deprecated since TYPO3 11.0, method will RETURN a Core\Http\RedirectResponse instead of throwing in v12

todo:

': ResponseInterface' (without ?) in v12 as method return type together with redirectToUri() cleanup

Return values
never

redirectToUri()

Redirects the web request to another uri.

protected redirectToUri(mixed $uri[, null $_ = null ][, int $statusCode = 303 ]) : never
Parameters
$uri : mixed

A string representation of a URI

$_ : null = null

(optional) Unused

$statusCode : int = 303

(optional) The HTTP status code for the redirect. Default is "303 See Other"

Tags
throws
StopActionException

deprecated since TYPO3 11.0, will be removed in 12.0

todo:

': ResponseInterface' (without ?) in v12 as method return type together with redirectToUri() cleanup

Return values
never

renderAssetsForRequest()

Method which initializes assets that should be attached to the response for the given $request, which contains parameters that an override can use to determine which assets to add via PageRenderer.

protected renderAssetsForRequest(RequestInterface $request) : mixed

This default implementation will attempt to render the sections "HeaderAssets" and "FooterAssets" from the template that is being rendered, inserting the rendered content into either page header or footer, as appropriate. Both sections are optional and can be used one or both in combination.

You can add assets with this method without worrying about duplicates, if for example you do this in a plugin that gets used multiple time on a page.

Parameters
$request : RequestInterface
Internal

only to be used within Extbase, not part of TYPO3 Core API.

resolveActionMethodName()

Resolves and checks the current action method name

protected resolveActionMethodName() : string
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Tags
throws
NoSuchActionException

if the action specified in the request object does not exist (and if there's no default action either).

Return values
string

Method name of the current action

resolveView()

Prepares a view for the current action.

protected resolveView() : ViewInterface

By default, this method tries to locate a view with a name matching the current action.

Internal

only to be used within Extbase, not part of TYPO3 Core API.

Tags
todo

v12: Change signature to TYPO3Fluid\Fluid\View\ViewInterface when extbase ViewInterface is dropped.

Return values
ViewInterface

setViewConfiguration()

protected setViewConfiguration(ViewInterface $view) : mixed
Parameters
$view : ViewInterface
Internal

only to be used within Extbase, not part of TYPO3 Core API.

Tags
todo

v12: Change signature to TYPO3Fluid\Fluid\View\ViewInterface when extbase ViewInterface is dropped.

shallEnforceLoginSigning()

protected shallEnforceLoginSigning() : bool
Return values
bool

validateIfHashHasExpired()

Validate hash and make sure it's not expired. If it is not in the correct format or not set at all, a redirect to recoveryAction() is made, without further information.

protected validateIfHashHasExpired() : mixed

        
On this page

Search results