BackendUserAuthenticator extends BackendUserAuthenticator implements LoggerAwareInterface uses LoggerAwareTrait

Initializes the backend user authentication object (BE_USER) and the global LANG object.

Internal

Table of Contents

Interfaces

LoggerAwareInterface

Properties

$context  : Context
$publicRoutes  : array<string|int, mixed>
List of requests that don't need a valid BE user

Methods

__construct()  : mixed
process()  : ResponseInterface
Calls the bootstrap process to set up $GLOBALS['BE_USER'] AND $GLOBALS['LANG']
applyHeadersToResponse()  : ResponseInterface
Adding headers to the response to avoid caching on the client side.
enrichResponseWithHeadersAndCookieInformation()  : ResponseInterface
Backend requests should always apply Set-Cookie information and never be cacheable.
ensureLoginRateLimit()  : LimiterInterface|null
isLoggedInBackendUserRequired()  : bool
Check if the user is required for the request.
redirectToMfaEndpoint()  : ResponseInterface
Initiate a redirect to the given MFA endpoint with necessary cookies and headers appended
sessionGarbageCollection()  : void
Garbage collection for be_sessions (with a probability)
setBackendUserAspect()  : void
Register the backend user as aspect

Properties

$publicRoutes

List of requests that don't need a valid BE user

protected array<string|int, mixed> $publicRoutes = ['/login', '/login/frame', '/login/password-reset/forget', '/login/password-reset/initiate-reset', '/login/password-reset/validate', '/login/password-reset/finish', '/login/request-token', '/install/server-response-check/host', '/ajax/login', '/ajax/logout', '/ajax/login/preflight', '/ajax/login/refresh', '/ajax/login/timedout', '/ajax/core/requirejs']

Methods

process()

Calls the bootstrap process to set up $GLOBALS['BE_USER'] AND $GLOBALS['LANG']

public process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
Parameters
$request : ServerRequestInterface
$handler : RequestHandlerInterface
Return values
ResponseInterface

applyHeadersToResponse()

Adding headers to the response to avoid caching on the client side.

protected applyHeadersToResponse(ResponseInterface $response) : ResponseInterface

These headers will override any previous headers of these names sent. Get the http headers to be sent if an authenticated user is available, in order to disallow browsers to store the response on the client side.

Parameters
$response : ResponseInterface
Return values
ResponseInterface

the modified response object.

enrichResponseWithHeadersAndCookieInformation()

Backend requests should always apply Set-Cookie information and never be cacheable.

protected enrichResponseWithHeadersAndCookieInformation(ServerRequestInterface $request, ResponseInterface $response, BackendUserAuthentication|null $userAuthentication) : ResponseInterface

This is also needed if there is a redirect from somewhere in the code.

Parameters
$request : ServerRequestInterface
$response : ResponseInterface
$userAuthentication : BackendUserAuthentication|null
Tags
throws
AspectNotFoundException
Return values
ResponseInterface

isLoggedInBackendUserRequired()

Check if the user is required for the request.

protected isLoggedInBackendUserRequired(Route $route) : bool

If we're trying to do a login or an ajax login, don't require a user.

Parameters
$route : Route

the Route path to check against, something like '

Return values
bool

true when the Route requires an authenticated backend user

redirectToMfaEndpoint()

Initiate a redirect to the given MFA endpoint with necessary cookies and headers appended

protected redirectToMfaEndpoint(string $endpoint, BackendUserAuthentication $user, ServerRequestInterface $request[, array<string|int, mixed> $parameters = [] ]) : ResponseInterface
Parameters
$endpoint : string
$user : BackendUserAuthentication
$request : ServerRequestInterface
$parameters : array<string|int, mixed> = []
Return values
ResponseInterface

sessionGarbageCollection()

Garbage collection for be_sessions (with a probability)

protected sessionGarbageCollection() : void

        
On this page

Search results