Inheritance diagram for TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication:

Public Member Functions
	__construct ()

	start ()

array	getNewSessionRecord ($tempuser)

bool	isSetSessionCookie ()

bool	isRefreshTimeBasedCookie ()

array	getLoginFormData ()

array	createUserSession ($tempuser)

int	fetchGroupData ()

array	getUserTSconf ()

	storeSessionData ()

	removeSessionData ()

mixed	getKey ($type, $key)

	setKey ($type, $key, $data)

	setSessionData ($key, $data)

	setAndSaveSessionData ($key, $data)

	gc ()

	hideActiveLogin ()

	updateOnlineTimestamp ()

‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
	checkAuthentication ()

string	createSessionId ()

array bool	fetchUserSession ($skipSessionUpdate=false)

	enforceNewSessionId ()

	logoff ()

	removeCookie ($cookieName)

bool	isExistingSessionRecord ($id)

bool	isCookieSet ()

	writeUC ($variable='')

	unpack_uc ($theUC='')

	pushModuleData ($module, $data, $noSave=0)

mixed	getModuleData ($module, $type='')

mixed	getSessionData ($key)

array	processLoginData ($loginData, $passwordTransmissionStrategy='')

array	getAuthInfoArray ()

bool	compareUident ($user, $loginData, $passwordCompareStrategy='')

	writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)

	checkLogFailures ($email, $secondsBack, $maxFailures)

	setBeUserByUid ($uid)

	setBeUserByName ($name)

array	getRawUserByUid ($uid)

array	getRawUserByName ($name)

mixed	fetchUserRecord ($dbUser, $username, $extraWhere='')

string	getSessionId ()

string	getLoginType ()

Static Public Member Functions
static string	getCookieName ()

Public Attributes
string	$formfield_permanent = 'permalogin'

int	$sessionTimeout = 6000

string	$usergroup_column = 'usergroup'

string	$usergroup_table = 'fe_groups'

array	$groupData

array	$TSdataArray = array( )

array	$userTS = array( )

bool	$userTSUpdated = false

bool	$sesData_change = false

bool	$userData_change = false

bool	$is_permanent = false

‪Public Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
string	$name = ''

string	$get_name = ''

string	$user_table = ''

string	$usergroup_table = ''

string	$username_column = ''

string	$userident_column = ''

string	$userid_column = ''

string	$usergroup_column = ''

string	$lastLogin_column = ''

array	$enablecolumns

bool	$showHiddenRecords = false

string	$formfield_uname = ''

string	$formfield_uident = ''

string	$formfield_status = ''

int	$sessionTimeout = 0

string	$auth_timeout_field = ''

int	$lifetime = 0

int	$gc_time = 0

int	$gc_probability = 1

bool	$writeStdLog = false

bool	$writeAttemptLog = false

bool	$sendNoCacheHeaders = true

bool	$getFallBack = false

int	$hash_length = 32

bool	$getMethodEnabled = false

int	$lockIP = 4

string	$warningEmail = ''

int	$warningPeriod = 3600

int	$warningMax = 3

bool	$checkPid = true

int	$checkPid_value = 0

string	$id

bool	$loginFailure = false

bool	$loginSessionStarted = false

array null	$user

string	$get_URL_ID = ''

bool	$newSessionID = false

bool	$forceSetCookie = false

bool	$dontSetCookie = false

string	$loginType = ''

array	$svConfig = array( )

array	$uc

Protected Member Functions
	performLogoff ()

	regenerateSessionId (array $existingSessionRecord=[], bool $anonymous=false)

‪Protected Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
	sendHttpHeaders ()

array	getHttpHeaders ()

	setSessionCookie ()

string	getCookieDomain ()

string	getCookie ($cookieName)

Traversable	getAuthServices (string $subType, array $loginData, array $authInfo)

	updateLoginTimestamp (int $userId)

QueryRestrictionContainerInterface	userConstraints ()

string	ipLockClause_remoteIPNumber ($parts)

mixed	removeSensitiveLoginDataForLoggingInfo ($data, bool $isUserRecord=false)

SessionBackendInterface	getSessionBackend ()

Protected Attributes
int	$sessionDataLifetime = 86400

bool	$loginHidden = false

‪Protected Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
bool	$cookieWasSetOnCurrentRequest = false

SessionBackendInterface	$sessionBackend

array	$sessionData = array( )

Detailed Description

Extension class for Front End User Authentication.

Definition at line 27 of file FrontendUserAuthentication.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::__construct ( )

Default constructor.

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 98 of file FrontendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getCookieName().

Member Function Documentation

◆ createUserSession()

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::createUserSession ( $tempuser )

Creates a user session record and returns its values. However, as the FE user cookie is normally not set, this has to be done before the parent class is doing the rest.

Parameters

array $tempuser ‪User data array

Returns: ‪array The session data for the newly created session.

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 241 of file FrontendUserAuthentication.php.

◆ fetchGroupData()

int TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::fetchGroupData ( )

Will select all fe_groups records that the current fe_user is member of and which groups are also allowed in the current domain. It also accumulates the TSconfig for the fe_user/fe_groups in ->TSdataArray

Returns: ‪int Returns the number of usergroups for the frontend users (if the internal user record exists and the usergroup field contains a value)

Definition at line 257 of file FrontendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$groupData, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray().

◆ gc()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::gc ( )

Garbage collector, removing old expired sessions.

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 580 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\collectGarbage(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

◆ getCookieName()

static string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getCookieName ( )

static

Returns the configured cookie name

Returns: ‪string

Definition at line 137 of file FrontendUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\__construct(), TYPO3\CMS\Frontend\Utility\EidUtility\initFeUser(), TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController\initFEuser(), and TYPO3\CMS\Frontend\Middleware\FrontendUserAuthenticator\transferFrontendUserSession().

◆ getKey()

mixed TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getKey	(	$type,
		$key
	)

Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)

Parameters

string	$type	‪Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string	$key	‪Key from the data array to return; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines which key to return the value for.

Returns: ‪mixed Returns whatever value there was in the array for the key, $key

See also: ‪setKey()

Definition at line 497 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionData().

Referenced by TYPO3\CMS\Form\Domain\Runtime\FormRuntime\getHoneypotNameFromSession().

◆ getLoginFormData()

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getLoginFormData ( )

Returns an info array with Login/Logout data submitted by a form or params

Returns: ‪array

See also: ‪AbstractUserAuthentication::getLoginFormData()

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 206 of file FrontendUserAuthentication.php.

References $GLOBALS.

◆ getNewSessionRecord()

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getNewSessionRecord ( $tempuser )

Returns a new session record for the current user for insertion into the DB.

Parameters

array $tempuser

Returns: ‪array User session record

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 170 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ getUserTSconf()

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getUserTSconf ( )

Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.

Returns: ‪array TSconfig array for the fe_user

Definition at line 349 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$userTS, and TYPO3\CMS\Core\TypoScript\Parser\TypoScriptParser\checkIncludeLines_array().

◆ hideActiveLogin()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::hideActiveLogin ( )

Hide the current login

This is used by the fe_login_mode feature for pages. A current login is unset, but we remember that there has been one.

Definition at line 591 of file FrontendUserAuthentication.php.

◆ isRefreshTimeBasedCookie()

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::isRefreshTimeBasedCookie ( )

Determine whether a non-session cookie needs to be set (lifetime>0)

Returns: ‪bool

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 195 of file FrontendUserAuthentication.php.

◆ isSetSessionCookie()

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::isSetSessionCookie ( )

Determine whether a session cookie needs to be set (lifetime=0)

Returns: ‪bool

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 183 of file FrontendUserAuthentication.php.

◆ performLogoff()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::performLogoff ( )

protected

Removes the current session record, sets the internal ->user array to null, Thereby the current user (if any) is effectively logged out! Additionally the cookie is removed, but only if there is no session data. If session data exists, only the user information is removed and the session gets converted into an anonymous session if the feature toggle "security.frontend.keepSessionDataOnLogout" is set to true (default: false).

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 439 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionData, TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\get(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\regenerateSessionId(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeCookie().

◆ regenerateSessionId()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::regenerateSessionId	(	array	$existingSessionRecord = `[]`,
		bool	$anonymous = `false`
	)

protected

Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated. Forces cookie to be set

Parameters

array	$existingSessionRecord	‪If given, this session record will be used instead of fetching again'
bool	$anonymous	‪If true session will be regenerated as anonymous session

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 474 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\get(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\performLogoff().

◆ removeSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::removeSessionData ( )

Removes data of the current session.

Definition at line 412 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\remove(), and TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\update().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setAndSaveSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setAndSaveSessionData	(	$key,
		$data
	)

Saves the tokens so that they can be used by a later incarnation of this class.

Parameters

string	$key
mixed	$data

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 569 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setSessionData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setKey()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setKey	(	$type,
		$key,
		$data
	)

Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details. When a value is set the flags $this->userData_change or $this->sesData_change will be set so that the final call to ->storeSessionData() will know if a change has occurred and needs to be saved to the database. Notice: Simply calling this function will not save the data to the database! The actual saving is done in storeSessionData() which is called as some of the last things in \TYPO3\CMS\Frontend\Http\RequestHandler. So if you exit before this point, nothing gets saved of course! And the solution is to call $GLOBALS['TSFE']->storeSessionData(); before you exit.

Parameters

string	$type	‪Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string	$key	‪Key from the data array to store incoming data in; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines in which key the $data value will be stored.
mixed	$data	‪The data value to store in $key

See also: ‪setKey(), storeSessionData()

Definition at line 524 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setSessionData().

Referenced by TYPO3\CMS\Form\Domain\Runtime\FormRuntime\setHoneypotNameInSession().

◆ setSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setSessionData	(	$key,
		$data
	)

Set session data by key. The data will last only for this login session since it is stored in the user session.

Parameters

string	$key	‪A non empty string to store the data under
mixed	$data	‪Data store store in session

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 553 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setAndSaveSessionData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setKey().

◆ start()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::start ( )

Starts a user session

See also: ‪AbstractUserAuthentication::start()

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 151 of file FrontendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$lifetime.

◆ storeSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::storeSessionData ( )

Will write UC and session data. If the flag $this->userData_change has been set, the function ->writeUC is called (which will save persistent user session data) If the flag $this->sesData_change has been set, the current session record is updated with the content of $this->sessionData

See also: ‪getKey(), setKey()

Definition at line 375 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getNewSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeCookie(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\removeSessionData(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\set(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie(), TYPO3\CMS\Core\Session\Backend\SessionBackendInterface\update(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writeUC().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setAndSaveSessionData().

◆ updateOnlineTimestamp()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::updateOnlineTimestamp ( )

Update the field "is_online" every 60 seconds of a logged-in user

Definition at line 602 of file FrontendUserAuthentication.php.

References $GLOBALS.

Member Data Documentation

◆ $formfield_permanent

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$formfield_permanent = 'permalogin'

form field with 0 or 1 1 = permanent login enabled 0 = session is valid for a browser session only

Definition at line 34 of file FrontendUserAuthentication.php.

◆ $groupData

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$groupData

Initial value:

= array( 
        'title' => [],
        'uid' => [],
        'pid' => []
     )

Definition at line 60 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\fetchGroupData().

◆ $is_permanent

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$is_permanent = false

Definition at line 89 of file FrontendUserAuthentication.php.

◆ $loginHidden

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$loginHidden = false

protected

Definition at line 93 of file FrontendUserAuthentication.php.

◆ $sesData_change

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$sesData_change = false

Definition at line 81 of file FrontendUserAuthentication.php.

◆ $sessionDataLifetime

int TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$sessionDataLifetime = 86400

protected

Lifetime of anonymous session data in seconds.

Definition at line 39 of file FrontendUserAuthentication.php.

◆ $sessionTimeout

int TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$sessionTimeout = 6000

Session timeout (on the server)

If >0: session-timeout in seconds. If <=0: Instant logout after login.

Definition at line 48 of file FrontendUserAuthentication.php.

◆ $TSdataArray

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$TSdataArray = array( )

Used to accumulate the TSconfig data of the user

Definition at line 69 of file FrontendUserAuthentication.php.

◆ $userData_change

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userData_change = false

Definition at line 85 of file FrontendUserAuthentication.php.

◆ $usergroup_column

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$usergroup_column = 'usergroup'

Definition at line 52 of file FrontendUserAuthentication.php.

◆ $usergroup_table

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$usergroup_table = 'fe_groups'

Definition at line 56 of file FrontendUserAuthentication.php.

◆ $userTS

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userTS = array( )

Definition at line 73 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getUserTSconf().

◆ $userTSUpdated

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userTSUpdated = false

Definition at line 77 of file FrontendUserAuthentication.php.

Public Member Functions

Static Public Member Functions

Public Attributes

Protected Member Functions

Protected Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ createUserSession()

◆ fetchGroupData()

◆ gc()

◆ getCookieName()

◆ getKey()

◆ getLoginFormData()

◆ getNewSessionRecord()

◆ getUserTSconf()

◆ hideActiveLogin()

◆ isRefreshTimeBasedCookie()

◆ isSetSessionCookie()

◆ performLogoff()

◆ regenerateSessionId()

◆ removeSessionData()

◆ setAndSaveSessionData()

◆ setKey()

◆ setSessionData()

◆ start()

◆ storeSessionData()

◆ updateOnlineTimestamp()

Member Data Documentation

◆ $formfield_permanent

◆ $groupData

◆ $is_permanent

◆ $loginHidden

◆ $sesData_change

◆ $sessionDataLifetime

◆ $sessionTimeout

◆ $TSdataArray

◆ $userData_change

◆ $usergroup_column

◆ $usergroup_table

◆ $userTS

◆ $userTSUpdated