‪TYPO3CMS  9.5
AjaxLoginController.php
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
23 
29 {
/**
 * Reports over AJAX whether the current request belongs to an authorized backend session.
 *
 * If a login form submission was processed for this request, the form protection
 * session token is loaded from the registry and persisted before the response is built.
 *
 * NOTE(review): presumably this keeps the form-protection (CSRF) token in step with the
 * freshly authenticated session - confirm against the FormProtection implementation.
 *
 * @param ServerRequestInterface $request Not read by this method.
 * @return ResponseInterface JSON of the form {"login": {"success": bool}}
 */
public function loginAction(ServerRequestInterface $request): ResponseInterface
{
    if (!$this->isAuthorizedBackendSession()) {
        // No backend user with a uid: report failure and leave the token state untouched.
        return new JsonResponse(['login' => ['success' => false]]);
    }

    if ($this->hasLoginBeenProcessed()) {
        $tokenGuard = FormProtectionFactory::get();
        $tokenGuard->setSessionTokenFromRegistry();
        $tokenGuard->persistSessionToken();
    }

    return new JsonResponse(['login' => ['success' => true]]);
}
55 
/**
 * Logs the current backend user off and reports whether the user record is gone afterwards.
 *
 * Success is derived from the state after logoff(): it is true only when the
 * backend user object no longer carries a 'uid'.
 *
 * NOTE(review): getBackendUser() can return null, and logoff() is called without a guard;
 * presumably the backend bootstrap always provides BE_USER on this route - confirm.
 * NOTE(review): no request-token check is visible in this method; whether the route
 * enforces one is not shown here - confirm in the route configuration.
 *
 * @param ServerRequestInterface $request Not read by this method.
 * @return ResponseInterface JSON of the form {"logout": {"success": bool}}
 */
public function logoutAction(ServerRequestInterface $request): ResponseInterface
{
    $user = $this->getBackendUser();
    $user->logoff();

    // Evaluated after logoff() on purpose: the answer reflects the post-logout state.
    $sessionCleared = !isset($user->user['uid']);

    return new JsonResponse(['logout' => ['success' => $sessionCleared]]);
}
72 
/**
 * Reports which request capabilities (cookies, Referer header) reached the server.
 *
 * Both flags are computed purely from data supplied by the client in this request;
 * they describe what the browser sent and say nothing about session validity.
 *
 * NOTE(review): the header lookup uses the lowercase key 'referer'; presumably the
 * request implementation normalises header names to lowercase - confirm.
 *
 * @param ServerRequestInterface $request Source of the cookie parameters and headers.
 * @return ResponseInterface JSON of the form {"capabilities": {"cookie": bool, "referrer": bool}}
 */
public function preflightAction(ServerRequestInterface $request): ResponseInterface
{
    $headerMap = $request->getHeaders();

    $cookiesArrived = !empty($request->getCookieParams());
    // using legacy `Referer` (sic!) header name
    // array_filter() drops empty values, so a header that is present but blank counts as absent.
    $refererArrived = array_filter($headerMap['referer'] ?? []) !== [];

    return new JsonResponse([
        'capabilities' => [
            'cookie' => $cookiesArrived,
            'referrer' => $refererArrived,
        ],
    ]);
}
84 
/**
 * Answers a session refresh request with a fixed success payload.
 *
 * NOTE(review): this rendering of the file skips one source line at the top of the
 * body (the numbering jumps from 92 to 94), so a statement may be missing here -
 * likely a call such as checkAuthentication() on the backend user; TODO confirm
 * against the upstream file. As shown, success is reported unconditionally, so do
 * not treat this response as proof that the session was re-validated.
 *
 * @param ServerRequestInterface $request Not read by the visible code.
 * @return ResponseInterface JSON of the form {"refresh": {"success": true}}
 */
public function refreshAction(ServerRequestInterface $request): ResponseInterface
{
    $payload = ['refresh' => ['success' => true]];

    return new JsonResponse($payload);
}
100 
/**
 * Reports the session state polled by the backend: locked, timed out, or about to time out.
 *
 * Exactly one of three checks decides the answer, in this order:
 *  1. a LOCK_BACKEND file exists in the legacy config path -> 'locked'
 *  2. the backend user has no 'uid'                         -> 'timed_out'
 *  3. otherwise the session is re-read and 'will_time_out' is computed
 *
 * The lock-file check runs first, so a locked backend is reported even when no
 * user session exists.
 *
 * @param ServerRequestInterface $request Not read by this method.
 * @return ResponseInterface JSON of the form
 *         {"login": {"timed_out": bool, "will_time_out": bool, "locked": bool}}
 */
public function isTimedOutAction(ServerRequestInterface $request): ResponseInterface
{
    $state = [
        'timed_out' => false,
        'will_time_out' => false,
        'locked' => false,
    ];
    $user = $this->getBackendUser();

    if (@is_file(Environment::getLegacyConfigPath() . '/LOCK_BACKEND')) {
        $state['locked'] = true;
        return new JsonResponse(['login' => $state]);
    }

    // isset() is false for a null user as well as for a user without a uid.
    if (!isset($user->user['uid'])) {
        $state['timed_out'] = true;
        return new JsonResponse(['login' => $state]);
    }

    // NOTE(review): presumably the `true` argument keeps this poll from extending the
    // session lifetime - confirm against fetchUserSession().
    $user->fetchUserSession(true);
    $sessionEnd = $user->user['ses_tstamp'] + $user->sessionTimeout;

    // If 120 seconds from now is later than the session timeout, we need to show the refresh dialog.
    // 120 is somewhat arbitrary to allow for a little room during the countdown and load times, etc.
    $state['will_time_out'] = $GLOBALS['EXEC_TIME'] >= $sessionEnd - 120;

    return new JsonResponse(['login' => $state]);
}
129 
/**
 * Checks whether a backend user object exists and carries a user record with a 'uid'.
 *
 * This is the only authorization test loginAction() applies; it looks at the
 * already-initialised backend user object and performs no credential check itself.
 *
 * @return bool True only for a BackendUserAuthentication instance whose user['uid'] is set.
 */
protected function isAuthorizedBackendSession()
{
    $candidate = $this->getBackendUser();

    // instanceof is false for null, so no separate null test is needed.
    if (!$candidate instanceof BackendUserAuthentication) {
        return false;
    }

    return isset($candidate->user['uid']);
}
140 
/**
 * Tells whether the login form data of this request describes a submitted login.
 *
 * True when the form status is 'login' and both 'uname' and 'uident' are non-empty.
 * Only the presence of these fields is inspected here; the values are not verified.
 *
 * NOTE(review): getBackendUser() can return null and is dereferenced without a guard;
 * the visible caller checks isAuthorizedBackendSession() first - confirm for other callers.
 *
 * @return bool
 */
protected function hasLoginBeenProcessed()
{
    $formData = $this->getBackendUser()->getLoginFormData();

    if ($formData['status'] !== 'login') {
        return false;
    }

    return !empty($formData['uname']) && !empty($formData['uident']);
}
151 
/**
 * Returns the backend user stored in $GLOBALS['BE_USER'], or null when none is set.
 *
 * The value is handed back as found; no type check happens here.
 *
 * @return BackendUserAuthentication|null
 */
protected function getBackendUser()
{
    if (isset($GLOBALS['BE_USER'])) {
        return $GLOBALS['BE_USER'];
    }

    return null;
}
159 }