‪TYPO3CMS  9.5
All Classes Namespaces Files Functions Variables Pages
CommandLineUserAuthentication.php
Go to the documentation of this file.
1 <?php
2 namespace ‪TYPO3\CMS\Core\Authentication;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use ‪TYPO3\CMS\Core\Core\Environment;
18 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
19 use ‪TYPO3\CMS\Core\Crypto\Random;
20 use ‪TYPO3\CMS\Core\Database\ConnectionPool;
21 use ‪TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
22 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
23 
28 class ‪CommandLineUserAuthentication extends ‪BackendUserAuthentication
29 {
30 
35  protected ‪$username = '_cli_';
36 
42  public function ‪__construct()
43  {
44  if (!‪Environment::isCli()) {
45  throw new \RuntimeException('Creating a CLI-based user object on non-CLI level is not allowed', 1483971165);
46  }
47  if (!$this->‪isUserAllowedToLogin()) {
48  throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1483971855);
49  }
50  $this->dontSetCookie = true;
51  parent::__construct();
52  }
53 
60  public function ‪start()
61  {
62  $this->logger->debug('## Beginning of auth logging.');
63  // svConfig is unused, but we set it, as the property is public and might be used by extensions
64  $this->svConfig = ‪$GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth'] ?? [];
65  }
66 
72  public function ‪checkAuthentication()
73  {
74  }
75 
81  public function ‪authenticate()
82  {
83  // check if a _CLI_ user exists, if not, create one
84  $this->‪setBeUserByName($this->username);
85  if (!$this->user['uid']) {
86  // create a new BE user in the database
87  if (!$this->‪checkIfCliUserExists()) {
88  $this->‪createCliUser();
89  } else {
90  throw new \RuntimeException('No backend user named "_cli_" could be authenticated, maybe this user is "hidden"?', 1484050401);
91  }
92  $this->‪setBeUserByName($this->username);
93  }
94  if (!$this->user['uid']) {
95  throw new \RuntimeException('No backend user named "_cli_" could be created.', 1476107195);
96  }
97  // The groups are fetched and ready for permission checking in this initialization.
98  $this->‪fetchGroupData();
99  $this->‪backendSetUC();
100  // activate this functionality for DataHandler
101  $this->uc['recursiveDelete'] = true;
102  }
103 
109  public function ‪backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
110  {
111  $this->‪authenticate();
112  }
113 
120  protected function ‪isUserAllowedToLogin()
121  {
122  return in_array((int)‪$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'], [0, 2], true);
123  }
124 
131  protected function ‪checkIfCliUserExists()
132  {
133  $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
134  $queryBuilder->getRestrictions()
135  ->removeAll()
136  ->add(GeneralUtility::makeInstance(DeletedRestriction::class));
137  $count = $queryBuilder
138  ->count('*')
139  ->from('be_users')
140  ->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter('_cli_')))
141  ->execute()
142  ->fetchColumn(0);
143  return (bool)$count;
144  }
145 
149  protected function ‪createCliUser()
150  {
151  $userFields = [
152  'username' => ‪$this->username,
153  'password' => $this->‪generateHashedPassword(),
154  'admin' => 1,
155  'tstamp' => ‪$GLOBALS['EXEC_TIME'],
156  'crdate' => ‪$GLOBALS['EXEC_TIME']
157  ];
158 
159  $databaseConnection = GeneralUtility::makeInstance(ConnectionPool::class)
160  ->getConnectionForTable('be_users');
161  $databaseConnection->insert('be_users', $userFields);
162  }
163 
169  protected function ‪generateHashedPassword()
170  {
171  $cryptoService = GeneralUtility::makeInstance(Random::class);
172  $password = $cryptoService->generateRandomBytes(20);
173  $hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
174  return $hashInstance->getHashedPassword($password);
175  }
176 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory
Definition: PasswordHashFactory.php:25
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\generateHashedPassword
‪string generateHashedPassword()
Definition: CommandLineUserAuthentication.php:168
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\authenticate
‪authenticate()
Definition: CommandLineUserAuthentication.php:80
‪TYPO3\CMS\Core\Authentication
Definition: AbstractAuthenticationService.php:2
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData
‪fetchGroupData()
Definition: BackendUserAuthentication.php:1378
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\createCliUser
‪createCliUser()
Definition: CommandLineUserAuthentication.php:148
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\backendCheckLogin
‪backendCheckLogin($proceedIfNoUserIsLoggedIn=false)
Definition: CommandLineUserAuthentication.php:108
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\isUserAllowedToLogin
‪bool isUserAllowedToLogin()
Definition: CommandLineUserAuthentication.php:119
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC
‪backendSetUC()
Definition: BackendUserAuthentication.php:2607
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\checkAuthentication
‪checkAuthentication()
Definition: CommandLineUserAuthentication.php:71
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:45
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction
Definition: DeletedRestriction.php:26
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\__construct
‪__construct()
Definition: CommandLineUserAuthentication.php:41
‪TYPO3\CMS\Core\Core\Environment
Definition: Environment.php:39
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\checkIfCliUserExists
‪bool checkIfCliUserExists()
Definition: CommandLineUserAuthentication.php:130
‪TYPO3\CMS\Core\Crypto\Random
Definition: Random.php:22
‪TYPO3\CMS\Core\Database\ConnectionPool
Definition: ConnectionPool.php:44
‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setBeUserByName
‪setBeUserByName($name)
Definition: AbstractUserAuthentication.php:1513
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\start
‪start()
Definition: CommandLineUserAuthentication.php:59
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:45
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\$username
‪string $username
Definition: CommandLineUserAuthentication.php:34
‪TYPO3\CMS\Core\Core\Environment\isCli
‪static bool isCli()
Definition: Environment.php:127
‪TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication
Definition: CommandLineUserAuthentication.php:29