FrontendUserAuthentication extends AbstractUserAuthentication uses PublicPropertyDeprecationTrait
Extension class for Front End User Authentication.
Table of Contents
Properties
- $checkPid : bool
- If set, the user-record must be stored at the page defined by $checkPid_value
- $checkPid_value : int|string|null
- The page id the user record must be stored at, can also hold a comma separated list of pids
- $enablecolumns : array<string|int, mixed>
- Enable field columns of user table
- $groupData : array<string|int, mixed>
- $loginType : string
- Login type, used for services.
- $name : string
- Session/Cookie name
- $uc : array<string|int, mixed>
- User Settings (= preferences)
- $user : array<string|int, mixed>|null
- $user_table : string
- Table in database with user data
- $usergroup_column : string
- Column for user group information
- $usergroup_table : string
- Table in database with user groups
- $userGroups : array<string|int, mixed>
- This array will hold the groups that the user is a member of
- $userid_column : string
- Column for user-id
- $userident_column : string
- Column for password
- $username_column : string
- Column for login-name
- $writeAttemptLog : bool
- Log failed login attempts
- $writeStdLog : bool
- Decides if the writelog() function is called at login and logout
- $dontSetCookie : bool
- Will prevent the setting of the session cookie (takes precedence over forceSetCookie) Disable cookie by default, will be activated if saveSessionData() is called, a user is logging-in or an existing session is found
- $forceSetCookie : bool
- Will force the session cookie to be set every time (lifetime must be 0).
- $formfield_permanent : string
- form field with 0 or 1 1 = permanent login enabled 0 = session is valid for a browser session only
- $formfield_status : string
- Form field with status: *'login', 'logout'. If empty login is not verified.
- $formfield_uident : string
- Form field with password
- $formfield_uname : string
- Form field with login-name
- $is_permanent : bool
- $lastLogin_column : string
- Column name for last login timestamp
- $loginSessionStarted : bool
- Will be set to TRUE if the login session is actually written during auth-check.
- $setCookie : SetCookieBehavior
- If set, this cookie will be set to the response.
- $TSdataArray : mixed
- $userData_change : bool
- $userSession : UserSession|null
- $userSessionManager : UserSessionManager
- $userTS : array<string|int, mixed>
Methods
- __call() : mixed
- Checks if the method of the given name is available, calls it but throws a deprecation.
- __construct() : mixed
- Initialize some important variables
- __get() : mixed
- Gets the value of the property of the given name if tagged.
- __isset() : bool
- Checks if the property of the given name is set.
- __set() : mixed
- Sets the property of the given name if tagged.
- __unset() : mixed
- Unsets the property of the given name if tagged.
- appendCookieToResponse() : ResponseInterface
- Used to apply a cookie to a PSR-7 Response.
- checkAuthentication() : mixed
- Checks if a submission of username and password is present or use other authentication by auth services
- createUserAspect() : UserAspect
- Initializes the front-end user groups for the context API, based on the user groups and the logged-in state.
- createUserSession() : UserSession
- Creates a user session record and returns its values.
- enforceNewSessionId() : mixed
- Regenerates the session ID and sets the cookie again.
- fetchGroupData() : mixed
- Will select all fe_groups records that the current fe_user is member of.
- getAuthInfoArray() : array<string|int, mixed>
- Returns an info array which provides additional information for auth services
- getCookieName() : string
- Returns the configured cookie name
- getKey() : mixed
- Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)
- getLoginFormData() : array<string|int, mixed>
- Returns an info array with Login/Logout data submitted by a form or params
- getModuleData() : mixed
- Gets module data for a module (from a loaded ->uc array)
- getRawUserByName() : array<string|int, mixed>
- Fetching raw user record with username=$name
- getRawUserByUid() : array<string|int, mixed>
- Fetching raw user record with uid=$uid
- getSession() : UserSession
- getSessionData() : mixed
- Returns the session data stored for $key.
- getUserId() : int|null
- getUserName() : string|null
- getUserTSconf() : array<string|int, mixed>
- Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.
- initializeUserSessionManager() : void
- Currently needed for various unit tests, until start() and checkAuthentication() methods are smaller and extracted from this class.
- isActiveLogin() : bool
- isMfaSetupRequired() : bool
- Whether the user is required to set up MFA
- logoff() : mixed
- Log out current user! Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!
- processLoginData() : array<string|int, mixed>
- Processes Login data submitted by a form or params
- pushModuleData() : void
- Stores data for a module.
- removeCookie() : mixed
- Empty / unset the cookie
- removeSessionData() : mixed
- Removes data of the current session.
- setAndSaveSessionData() : mixed
- Saves the tokens so that they can be used by a later incarnation of this class.
- setBeUserByName() : mixed
- Raw initialization of the be_user with username=$name
- setBeUserByUid() : mixed
- Raw initialization of the be_user with uid=$uid This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected.
- setKey() : mixed
- Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details.
- setSessionData() : mixed
- Set session data by key.
- start() : mixed
- Starts a user session Typical configurations will: a) check if session cookie was set and if not, set one, b) check if a password/username was sent and if so, try to authenticate the user c) Lookup a session attached to a user and check timeout etc.
- storeSessionData() : mixed
- Will write UC and session data.
- updateOnlineTimestamp() : mixed
- Update the field "is_online" every 60 seconds of a logged-in user
- writelog() : mixed
- DUMMY: Writes to log database table (in some extension classes)
- writeUC() : mixed
- This writes $this->>uc to the user-record. This is a way of providing session-data.
- evaluateMfaRequirements() : void
- This method checks if the user is authenticated but has not succeeded in passing his MFA challenge. This method can therefore only be used if a user has been authenticated against his first authentication method (username+password or any other authentication token).
- fetchPossibleUsers() : array<string|int, mixed>
- Loads users from various sources (= authentication services) as an array of arrays.
- fetchValidUserFromSessionOrDestroySession() : array<string|int, mixed>|null
- If the session is bound to a user, this method fetches the user record, and returns it.
- getAuthServiceConfiguration() : array<string|int, mixed>
- "auth" services configuration array from $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']
- getAuthServices() : Traversable
- Initializes authentication services to be used in a foreach loop
- handleLoginFailure() : void
- Implement functionality when there was a failed login
- isCookieSet() : bool
- Returns whether this request is going to set a cookie or a cookie was already found in the system
- isRefreshTimeBasedCookie() : bool
- Determine whether a non-session cookie needs to be set (lifetime>0)
- isSetSessionCookie() : bool
- Determine whether a session cookie needs to be set (lifetime=0)
- performLogoff() : mixed
- Perform the logoff action. Called from logoff() as a way to allow subclasses to override what happens when a user logs off, without needing to reproduce the hook calls and logging that happens in the public logoff() API method.
- regenerateSessionId() : mixed
- Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated.
- removeSensitiveLoginDataForLoggingInfo() : mixed
- Removes any sensitive data from the incoming data (either from loginData, processedLogin data or the user record from the DB).
- setSessionCookie() : mixed
- Sets the setCookie directive to "Send", which will then result in appending a new cookie to the PSR-7 response, see appendCookieToResponse().
- shallSetSessionCookie() : bool
- Determines whether setting the session cookie is generally enabled, or the current session is a non-session cookie (FE permalogin).
- unpack_uc() : mixed
- Unserializes the user configuration from the user record into $this->>uc
- updateLoginTimestamp() : mixed
- Updates the last login column in the user with the given id
- userConstraints() : QueryRestrictionContainerInterface
- This returns the restrictions needed to select the user respecting enable columns and flags like deleted, hidden, starttime, endtime and rootLevel
Properties
$checkPid
If set, the user-record must be stored at the page defined by $checkPid_value
public
bool
$checkPid
= true
$checkPid_value
The page id the user record must be stored at, can also hold a comma separated list of pids
public
int|string|null
$checkPid_value
= 0
$enablecolumns
Enable field columns of user table
public
array<string|int, mixed>
$enablecolumns
= ['deleted' => 'deleted', 'disabled' => 'disable', 'starttime' => 'starttime', 'endtime' => 'endtime']
$groupData
public
array<string|int, mixed>
$groupData
= ['title' => [], 'uid' => [], 'pid' => []]
$loginType
Login type, used for services.
public
string
$loginType
= 'FE'
$name
Session/Cookie name
public
string
$name
= ''
$uc
User Settings (= preferences)
public
array<string|int, mixed>
$uc
= []
$user
public
array<string|int, mixed>|null
$user
contains user- AND session-data from database (joined tables)
$user_table
Table in database with user data
public
string
$user_table
= 'fe_users'
$usergroup_column
Column for user group information
public
string
$usergroup_column
= 'usergroup'
$usergroup_table
Table in database with user groups
public
string
$usergroup_table
= 'fe_groups'
$userGroups
This array will hold the groups that the user is a member of
public
array<string|int, mixed>
$userGroups
= []
$userid_column
Column for user-id
public
string
$userid_column
= 'uid'
$userident_column
Column for password
public
string
$userident_column
= 'password'
$username_column
Column for login-name
public
string
$username_column
= 'username'
$writeAttemptLog
Log failed login attempts
public
bool
$writeAttemptLog
= false
$writeStdLog
Decides if the writelog() function is called at login and logout
public
bool
$writeStdLog
= false
$dontSetCookie
Will prevent the setting of the session cookie (takes precedence over forceSetCookie) Disable cookie by default, will be activated if saveSessionData() is called, a user is logging-in or an existing session is found
protected
bool
$dontSetCookie
= true
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$forceSetCookie
Will force the session cookie to be set every time (lifetime must be 0).
protected
bool
$forceSetCookie
= false
$formfield_permanent
form field with 0 or 1 1 = permanent login enabled 0 = session is valid for a browser session only
protected
string
$formfield_permanent
= 'permalogin'
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$formfield_status
Form field with status: *'login', 'logout'. If empty login is not verified.
protected
string
$formfield_status
= 'logintype'
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$formfield_uident
Form field with password
protected
string
$formfield_uident
= 'pass'
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$formfield_uname
Form field with login-name
protected
string
$formfield_uname
= 'user'
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$is_permanent
protected
bool
$is_permanent
= false
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$lastLogin_column
Column name for last login timestamp
protected
string
$lastLogin_column
= 'lastlogin'
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$loginSessionStarted
Will be set to TRUE if the login session is actually written during auth-check.
protected
bool
$loginSessionStarted
= false
since TYPO3 v12. This is not considered public API anymore, as this property should be defined in another place in the future.
$setCookie
If set, this cookie will be set to the response.
protected
SetCookieBehavior
$setCookie
= \TYPO3\CMS\Core\Http\SetCookieBehavior::None
$TSdataArray
since v12, remove in v13 together with fe_users & fe_groups TSconfig TCA
protected
mixed
$TSdataArray
= []
$userData_change
protected
bool
$userData_change
= false
$userSession
protected
UserSession|null
$userSession
= null
$userSessionManager
protected
UserSessionManager
$userSessionManager
$userTS
since v12, remove in v13 together with fe_users & fe_groups TSconfig TCA
protected
array<string|int, mixed>
$userTS
= []
Methods
__call()
Checks if the method of the given name is available, calls it but throws a deprecation.
public
__call(string $methodName, array<string|int, mixed> $arguments) : mixed
If the method does not exist, a fatal error is thrown.
Unavailable protected methods must return in a fatal error as usual. Marked methods are called and a deprecation entry is thrown.
__call() is not called for public methods.
Parameters
- $methodName : string
- $arguments : array<string|int, mixed>
__construct()
Initialize some important variables
public
__construct() : mixed
__get()
Gets the value of the property of the given name if tagged.
public
__get(string $propertyName) : mixed
The evaluation is done in the assumption that this method is never reached for a public property.
Parameters
- $propertyName : string
__isset()
Checks if the property of the given name is set.
public
__isset(string $propertyName) : bool
Unmarked protected properties must return false as usual. Marked properties are evaluated by isset().
This method is not called for public properties.
Parameters
- $propertyName : string
Return values
bool__set()
Sets the property of the given name if tagged.
public
__set(string $propertyName, mixed $propertyValue) : mixed
Additionally it's allowed to set unknown properties.
The evaluation is done in the assumption that this method is never reached for a public property.
Parameters
- $propertyName : string
- $propertyValue : mixed
__unset()
Unsets the property of the given name if tagged.
public
__unset(string $propertyName) : mixed
Parameters
- $propertyName : string
appendCookieToResponse()
Used to apply a cookie to a PSR-7 Response.
public
appendCookieToResponse(ResponseInterface $response[, NormalizedParams|null $normalizedParams = null ]) : ResponseInterface
Parameters
- $response : ResponseInterface
- $normalizedParams : NormalizedParams|null = null
since TYPO3 v12. This is not considered public API anymore, as this method should be defined in another place in the future. If really needed implement the logic in an AuthenticationService or custom PHP class.
Tags
Return values
ResponseInterfacecheckAuthentication()
Checks if a submission of username and password is present or use other authentication by auth services
public
checkAuthentication(ServerRequestInterface $request) : mixed
Parameters
- $request : ServerRequestInterface
Tags
createUserAspect()
Initializes the front-end user groups for the context API, based on the user groups and the logged-in state.
public
createUserAspect([bool $respectUserGroups = true ]) : UserAspect
Parameters
- $respectUserGroups : bool = true
-
used to disable the inclusion of the users' groups
Return values
UserAspectcreateUserSession()
Creates a user session record and returns its values.
public
createUserSession(array<string|int, mixed> $tempuser) : UserSession
However, as the FE user cookie is normally not set, this has to be done before the parent class is doing the rest.
Parameters
- $tempuser : array<string|int, mixed>
-
User data array
Return values
UserSession —The session data for the newly created session.
enforceNewSessionId()
Regenerates the session ID and sets the cookie again.
public
enforceNewSessionId() : mixed
fetchGroupData()
Will select all fe_groups records that the current fe_user is member of.
public
fetchGroupData(ServerRequestInterface $request) : mixed
It also accumulates the TSconfig for the fe_user/fe_groups in ->TSdataArray
Parameters
- $request : ServerRequestInterface
getAuthInfoArray()
Returns an info array which provides additional information for auth services
public
getAuthInfoArray(ServerRequestInterface $request) : array<string|int, mixed>
Parameters
- $request : ServerRequestInterface
Return values
array<string|int, mixed>getCookieName()
Returns the configured cookie name
public
static getCookieName() : string
Return values
stringgetKey()
Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)
public
getKey(string $type, string $key) : mixed
Parameters
- $type : string
-
Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
- $key : string
-
Key from the data array to return; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines which key to return the value for.
Tags
Return values
mixed —Returns whatever value there was in the array for the key, $key
getLoginFormData()
Returns an info array with Login/Logout data submitted by a form or params
public
getLoginFormData(ServerRequestInterface $request) : array<string|int, mixed>
Parameters
- $request : ServerRequestInterface
Tags
Return values
array<string|int, mixed>getModuleData()
Gets module data for a module (from a loaded ->uc array)
public
getModuleData(string $module[, string $type = '' ]) : mixed
Parameters
- $module : string
-
Is the identifier of the module, e.g. "web_info"
- $type : string = ''
-
If $type = 'ses' then module data is returned only if it was stored in the current session, otherwise data from a previous session will be returned (if available).
Return values
mixed —The module data if available: $this->uc['moduleData'][$module];
getRawUserByName()
Fetching raw user record with username=$name
public
getRawUserByName(string $name) : array<string|int, mixed>
Parameters
- $name : string
-
The username to look up.
Tags
Return values
array<string|int, mixed> —user record or FALSE
getRawUserByUid()
Fetching raw user record with uid=$uid
public
getRawUserByUid(int $uid) : array<string|int, mixed>
Parameters
- $uid : int
-
The UID of the backend user to set in ->user
Return values
array<string|int, mixed> —user record or FALSE
getSession()
public
getSession() : UserSession
Return values
UserSessiongetSessionData()
Returns the session data stored for $key.
public
getSessionData(string $key) : mixed
The data will last only for this login session since it is stored in the user session.
Parameters
- $key : string
-
The key associated with the session data
getUserId()
public
getUserId() : int|null
Return values
int|nullgetUserName()
public
getUserName() : string|null
Return values
string|nullgetUserTSconf()
Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.
public
getUserTSconf() : array<string|int, mixed>
since v12, remove in v13 together with fe_users & fe_groups TSconfig TCA
Return values
array<string|int, mixed> —TSconfig array for the fe_user
initializeUserSessionManager()
Currently needed for various unit tests, until start() and checkAuthentication() methods are smaller and extracted from this class.
public
initializeUserSessionManager([UserSessionManager|null $userSessionManager = null ]) : void
Parameters
- $userSessionManager : UserSessionManager|null = null
isActiveLogin()
public
isActiveLogin(ServerRequestInterface $request) : bool
Parameters
- $request : ServerRequestInterface
Return values
boolisMfaSetupRequired()
Whether the user is required to set up MFA
public
isMfaSetupRequired() : bool
Return values
boollogoff()
Log out current user! Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!
public
logoff() : mixed
processLoginData()
Processes Login data submitted by a form or params
public
processLoginData(array<string|int, mixed> $loginData, ServerRequestInterface $request) : array<string|int, mixed>
Parameters
- $loginData : array<string|int, mixed>
-
Login data array
- $request : ServerRequestInterface
Return values
array<string|int, mixed>pushModuleData()
Stores data for a module.
public
pushModuleData(string $module, mixed $data[, bool $dontPersistImmediately = false ]) : void
The data is stored with the session ID, so you can even check upon retrieval if the module data is from a previous session or from the current session.
Parameters
- $module : string
-
Is the identifier of the module, e.g. "web_info"
- $data : mixed
-
Is the data you want to store for that module (array, string, ...)
- $dontPersistImmediately : bool = false
-
If set, then the ->uc array (which carries all kinds of user data) is NOT written immediately, but must be written by some subsequent call.
removeCookie()
Empty / unset the cookie
public
removeCookie([string|null $cookieName = null ]) : mixed
Parameters
- $cookieName : string|null = null
-
usually, this is $this->name
since TYPO3 v12. This is not considered public API anymore, if really needed implement the logic in an AuthenticationService or custom PHP class.
removeSessionData()
Removes data of the current session.
public
removeSessionData() : mixed
setAndSaveSessionData()
Saves the tokens so that they can be used by a later incarnation of this class.
public
setAndSaveSessionData(string $key, mixed $data) : mixed
Parameters
- $key : string
- $data : mixed
setBeUserByName()
Raw initialization of the be_user with username=$name
public
setBeUserByName(string $name) : mixed
Parameters
- $name : string
-
The username to look up.
Tags
setBeUserByUid()
Raw initialization of the be_user with uid=$uid This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected.
public
setBeUserByUid(int $uid) : mixed
Thus the BE_USER object will appear like if a user was authenticated - however without a session id and the fields from the session table of course. Will check the users for disabled, start/endtime, etc. ($this->user_where_clause())
Parameters
- $uid : int
-
The UID of the backend user to set in ->user
setKey()
Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details.
public
setKey(string $type, string $key, mixed $data) : mixed
When a value is set the flag $this->userData_change will be set so that the final call to ->storeSessionData() will know if a change has occurred and needs to be saved to the database. Notice: Simply calling this function will not save the data to the database! The actual saving is done in storeSessionData() which is called as some of the last things in \TYPO3\CMS\Frontend\Http\RequestHandler. So if you exit before this point, nothing gets saved of course! And the solution is to call $GLOBALS['TSFE']->storeSessionData(); before you exit.
Parameters
- $type : string
-
Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
- $key : string
-
Key from the data array to store incoming data in; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines in which key the $data value will be stored.
- $data : mixed
-
The data value to store in $key
Tags
setSessionData()
Set session data by key.
public
setSessionData(string $key, mixed $data) : mixed
The data will last only for this login session since it is stored in the user session.
Parameters
- $key : string
-
A non empty string to store the data under
- $data : mixed
-
Data store store in session
start()
Starts a user session Typical configurations will: a) check if session cookie was set and if not, set one, b) check if a password/username was sent and if so, try to authenticate the user c) Lookup a session attached to a user and check timeout etc.
public
start(ServerRequestInterface $request) : mixed
d) Garbage collection, setting of no-cache headers. If a user is authenticated the database record of the user (array) will be set in the ->user internal variable.
Parameters
- $request : ServerRequestInterface
storeSessionData()
Will write UC and session data.
public
storeSessionData() : mixed
If the flag $this->userData_change has been set, the function ->writeUC is called (which will save persistent user session data)
Tags
updateOnlineTimestamp()
Update the field "is_online" every 60 seconds of a logged-in user
public
updateOnlineTimestamp() : mixed
writelog()
DUMMY: Writes to log database table (in some extension classes)
public
writelog(int $type, int $action, int $error, int $details_nr, string $details, array<string|int, mixed> $data, string $tablename, int|string $recuid, int|string $recpid) : mixed
Parameters
- $type : int
-
denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
- $action : int
-
denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
- $error : int
-
flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
- $details_nr : int
-
The message number. Specific for each $type and $action. in the future this will make it possible to translate error messages to other languages
- $details : string
-
Default text that follows the message
- $data : array<string|int, mixed>
-
Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
- $tablename : string
-
Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
- $recuid : int|string
-
Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
- $recpid : int|string
-
Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
writeUC()
This writes $this->>uc to the user-record. This is a way of providing session-data.
public
writeUC() : mixed
You can fetch the data again through $this->uc in this class!
evaluateMfaRequirements()
This method checks if the user is authenticated but has not succeeded in passing his MFA challenge. This method can therefore only be used if a user has been authenticated against his first authentication method (username+password or any other authentication token).
protected
evaluateMfaRequirements() : void
Tags
fetchPossibleUsers()
Loads users from various sources (= authentication services) as an array of arrays.
protected
fetchPossibleUsers(array<string|int, mixed> $loginData, bool $activeLogin, bool $isExistingSession, array<string|int, mixed>|null $authenticatedUserFromSession, ServerRequestInterface $request) : array<string|int, mixed>
Parameters
- $loginData : array<string|int, mixed>
- $activeLogin : bool
- $isExistingSession : bool
- $authenticatedUserFromSession : array<string|int, mixed>|null
-
if we have a user from an existing session, this is set here, otherwise null
- $request : ServerRequestInterface
Return values
array<string|int, mixed>fetchValidUserFromSessionOrDestroySession()
If the session is bound to a user, this method fetches the user record, and returns it.
protected
fetchValidUserFromSessionOrDestroySession([bool $skipSessionUpdate = false ]) : array<string|int, mixed>|null
If the session has a timeout, the session date is extended if needed. Also the ìs_online flag is updated for the user.
However, if the session has expired the session is removed and the request is treated as an anonymous session.
Parameters
- $skipSessionUpdate : bool = false
Return values
array<string|int, mixed>|nullgetAuthServiceConfiguration()
"auth" services configuration array from $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']
protected
getAuthServiceConfiguration() : array<string|int, mixed>
Return values
array<string|int, mixed>getAuthServices()
Initializes authentication services to be used in a foreach loop
protected
getAuthServices(string $subType, array<string|int, mixed> $loginData, array<string|int, mixed>|null $authenticatedUserFromSession, ServerRequestInterface $request) : Traversable
Parameters
- $subType : string
-
e.g. getUserFE
- $loginData : array<string|int, mixed>
- $authenticatedUserFromSession : array<string|int, mixed>|null
-
the user which was loaded from the session, or null if none was found
- $request : ServerRequestInterface
Return values
Traversable —A generator of service objects
handleLoginFailure()
Implement functionality when there was a failed login
protected
handleLoginFailure() : void
isCookieSet()
Returns whether this request is going to set a cookie or a cookie was already found in the system
protected
isCookieSet() : bool
since TYPO3 v12. This is not considered public API anymore, if really needed implement the logic in an AuthenticationService or custom PHP class.
Return values
bool —Returns TRUE if a cookie is set
isRefreshTimeBasedCookie()
Determine whether a non-session cookie needs to be set (lifetime>0)
protected
isRefreshTimeBasedCookie() : bool
since TYPO3 v12. This is not considered public API anymore, if really needed implement the logic in an AuthenticationService or custom PHP class.
Return values
boolisSetSessionCookie()
Determine whether a session cookie needs to be set (lifetime=0)
protected
isSetSessionCookie() : bool
since TYPO3 v12. This is not considered public API anymore, if really needed implement the logic in an AuthenticationService or custom PHP class.
Return values
boolperformLogoff()
Perform the logoff action. Called from logoff() as a way to allow subclasses to override what happens when a user logs off, without needing to reproduce the hook calls and logging that happens in the public logoff() API method.
protected
performLogoff() : mixed
regenerateSessionId()
Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated.
protected
regenerateSessionId() : mixed
Forces cookie to be set
removeSensitiveLoginDataForLoggingInfo()
Removes any sensitive data from the incoming data (either from loginData, processedLogin data or the user record from the DB).
protected
removeSensitiveLoginDataForLoggingInfo(mixed|array<string|int, mixed> $data[, bool $isUserRecord = false ]) : mixed
No type hinting is added because it might be possible that the incoming data is of any other type.
Parameters
- $data : mixed|array<string|int, mixed>
- $isUserRecord : bool = false
setSessionCookie()
Sets the setCookie directive to "Send", which will then result in appending a new cookie to the PSR-7 response, see appendCookieToResponse().
protected
setSessionCookie() : mixed
In case this method is called, the cookie needs to be set later.
shallSetSessionCookie()
Determines whether setting the session cookie is generally enabled, or the current session is a non-session cookie (FE permalogin).
protected
shallSetSessionCookie() : bool
Return values
boolunpack_uc()
Unserializes the user configuration from the user record into $this->>uc
protected
unpack_uc() : mixed
since TYPO3 v12. This is not considered public API anymore, if really needed implement the logic in an AuthenticationService or custom PHP class.
updateLoginTimestamp()
Updates the last login column in the user with the given id
protected
updateLoginTimestamp(int $userId) : mixed
Parameters
- $userId : int
userConstraints()
This returns the restrictions needed to select the user respecting enable columns and flags like deleted, hidden, starttime, endtime and rootLevel
protected
userConstraints() : QueryRestrictionContainerInterface