‪TYPO3CMS  9.5
BackendUserAuthenticator.php
Go to the documentation of this file.
1 <?php
2 declare(strict_types = 1);
3 
4 namespace ‪TYPO3\CMS\Frontend\Middleware;
5 
6 /*
7  * This file is part of the TYPO3 CMS project.
8  *
9  * It is free software; you can redistribute it and/or modify it under
10  * the terms of the GNU General Public License, either version 2
11  * of the License, or any later version.
12  *
13  * For the full copyright and license information, please read the
14  * LICENSE.txt file that was distributed with this source code.
15  *
16  * The TYPO3 project - inspiring people to share!
17  */
18 
19 use Psr\Http\Message\ResponseInterface;
20 use Psr\Http\Message\ServerRequestInterface;
21 use Psr\Http\Server\MiddlewareInterface;
22 use Psr\Http\Server\RequestHandlerInterface;
23 use ‪TYPO3\CMS\Backend\FrontendBackendUserAuthentication;
24 use ‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
25 use ‪TYPO3\CMS\Core\Context\Context;
26 use ‪TYPO3\CMS\Core\Context\UserAspect;
27 use ‪TYPO3\CMS\Core\Context\WorkspaceAspect;
28 use ‪TYPO3\CMS\Core\Core\Bootstrap;
29 use ‪TYPO3\CMS\Core\Http\NormalizedParams;
30 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
31 
43 class ‪BackendUserAuthenticator implements MiddlewareInterface
44 {
53  public function ‪process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
54  {
55  // PRE BE_USER HOOK
56  if (!empty(‪$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'])) {
57  trigger_error('The "preBeUser" hook will be removed in TYPO3 v10.0 in favor of PSR-15. Use a middleware instead.', E_USER_DEPRECATED);
58  foreach (‪$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'] as $_funcRef) {
59  $_params = [];
60  GeneralUtility::callUserFunction($_funcRef, $_params, ‪$GLOBALS['TSFE']);
61  }
62  }
63 
64  // Initializing a possible logged-in Backend User
65  // If the backend cookie is set,
66  // we proceed and check if a backend user is logged in.
67  $backendUserObject = null;
68  if (isset($request->getCookieParams()[‪BackendUserAuthentication::getCookieName()])) {
69  $backendUserObject = $this->‪initializeBackendUser($request);
70  }
71 
72  ‪$GLOBALS['BE_USER'] = $backendUserObject;
73 
74  // POST BE_USER HOOK
75  if (!empty(‪$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'])) {
76  $_params = [
77  'BE_USER' => &‪$GLOBALS['BE_USER']
78  ];
79  trigger_error('The "postBeUser" hook will be removed in TYPO3 v10.0 in favor of PSR-15. Use a middleware instead.', E_USER_DEPRECATED);
80  foreach (‪$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'] as $_funcRef) {
81  GeneralUtility::callUserFunction($_funcRef, $_params, ‪$GLOBALS['TSFE']);
82  }
83  }
84 
85  // Load specific dependencies which are necessary for a valid Backend User
86  // like $GLOBALS['LANG'] for labels in the language of the BE User, the router, and ext_tables.php for all modules
87  // So things like Frontend Editing and Admin Panel can use this for generating links to the TYPO3 Backend.
88  if (‪$GLOBALS['BE_USER'] instanceof ‪FrontendBackendUserAuthentication) {
89  ‪Bootstrap::initializeLanguageObject();
90  ‪Bootstrap::initializeBackendRouter();
91  ‪Bootstrap::loadExtTables();
92  $this->‪setBackendUserAspect(GeneralUtility::makeInstance(Context::class), ‪$GLOBALS['BE_USER']);
93  }
94 
95  return $handler->handle($request);
96  }
97 
105  protected function ‪initializeBackendUser(ServerRequestInterface $request)
106  {
107  // New backend user object
108  $backendUserObject = GeneralUtility::makeInstance(FrontendBackendUserAuthentication::class);
109  $backendUserObject->start();
110  $backendUserObject->unpack_uc();
111  if (!empty($backendUserObject->user['uid'])) {
112  $backendUserObject->fetchGroupData();
113  }
114  // Unset the user initialization if any setting / restriction applies
115  if (!$this->‪isAuthenticated($backendUserObject, $request->getAttribute('normalizedParams'))) {
116  $backendUserObject = null;
117  }
118  return $backendUserObject;
119  }
120 
128  protected function ‪isAuthenticated(‪FrontendBackendUserAuthentication $user, ‪NormalizedParams $normalizedParams)
129  {
130  // Check IP
131  $ipMask = trim(‪$GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'] ?? '');
132  if ($ipMask && !GeneralUtility::cmpIP($normalizedParams->‪getRemoteAddress(), $ipMask)) {
133  return false;
134  }
135  // Check SSL (https)
136  if ((bool)‪$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] && !$normalizedParams->‪isHttps()) {
137  return false;
138  }
139  return $user->‪backendCheckLogin();
140  }
141 
148  protected function ‪setBackendUserAspect(‪Context $context, ‪BackendUserAuthentication $user)
149  {
150  $context->‪setAspect('backend.user', GeneralUtility::makeInstance(UserAspect::class, $user));
151  $context->‪setAspect('workspace', GeneralUtility::makeInstance(WorkspaceAspect::class, $user->workspace));
152  }
153 }
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator
Definition: BackendUserAuthenticator.php:44
‪TYPO3\CMS\Core\Context\WorkspaceAspect
Definition: WorkspaceAspect.php:29
‪TYPO3\CMS\Backend\FrontendBackendUserAuthentication
Definition: FrontendBackendUserAuthentication.php:35
‪TYPO3\CMS\Core\Core\Bootstrap\initializeBackendRouter
‪static Bootstrap null initializeBackendRouter()
Definition: Bootstrap.php:898
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\initializeBackendUser
‪FrontendBackendUserAuthentication null initializeBackendUser(ServerRequestInterface $request)
Definition: BackendUserAuthenticator.php:105
‪TYPO3\CMS\Core\Context\Context
Definition: Context.php:49
‪TYPO3\CMS\Core\Context\Context\setAspect
‪setAspect(string $name, AspectInterface $aspect)
Definition: Context.php:141
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getCookieName
‪static string getCookieName()
Definition: BackendUserAuthentication.php:2529
‪TYPO3\CMS\Core\Http\NormalizedParams\getRemoteAddress
‪string getRemoteAddress()
Definition: NormalizedParams.php:390
‪TYPO3\CMS\Frontend\Middleware
Definition: BackendUserAuthenticator.php:4
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\isAuthenticated
‪bool isAuthenticated(FrontendBackendUserAuthentication $user, NormalizedParams $normalizedParams)
Definition: BackendUserAuthenticator.php:128
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\setBackendUserAspect
‪setBackendUserAspect(Context $context, BackendUserAuthentication $user)
Definition: BackendUserAuthenticator.php:148
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:45
‪TYPO3\CMS\Core\Http\NormalizedParams\isHttps
‪bool isHttps()
Definition: NormalizedParams.php:310
‪TYPO3\CMS\Core\Core\Bootstrap\loadExtTables
‪static Bootstrap null loadExtTables(bool $allowCaching=true)
Definition: Bootstrap.php:864
‪TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\process
‪ResponseInterface process(ServerRequestInterface $request, RequestHandlerInterface $handler)
Definition: BackendUserAuthenticator.php:53
‪TYPO3\CMS\Backend\FrontendBackendUserAuthentication\backendCheckLogin
‪bool backendCheckLogin($proceedIfNoUserIsLoggedIn=false)
Definition: FrontendBackendUserAuthentication.php:194
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Core\Core\Bootstrap
Definition: Bootstrap.php:50
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:45
‪TYPO3\CMS\Core\Context\UserAspect
Definition: UserAspect.php:36
‪TYPO3\CMS\Core\Http\NormalizedParams
Definition: NormalizedParams.php:32
‪TYPO3\CMS\Core\Core\Bootstrap\initializeLanguageObject
‪static Bootstrap null initializeLanguageObject()
Definition: Bootstrap.php:986