TYPO3_6-2/_authentication_service_8php_source.html

 <?php
 namespace TYPO3\CMS\Sv;

 class AuthenticationService extends \TYPO3\CMS\Sv\AbstractAuthenticationService {

     public function processLoginData(array &$loginData, $passwordTransmissionStrategy) {
         $isProcessed = TRUE;
         // Processing data according to the state it was submitted in.
         switch ($passwordTransmissionStrategy) {
             case 'normal':
                 $loginData['uident_text'] = $loginData['uident'];
                 break;
             case 'challenged':
                 $loginData['uident_text'] = '';
                 $loginData['uident_challenged'] = $loginData['uident'];
                 $loginData['uident_superchallenged'] = '';
                 break;
             case 'superchallenged':
                 $loginData['uident_text'] = '';
                 $loginData['uident_challenged'] = '';
                 $loginData['uident_superchallenged'] = $loginData['uident'];
                 break;
             default:
                 $isProcessed = FALSE;
         }
         if (!empty($loginData['uident_text'])) {
             $loginData['uident_challenged'] = (string) md5(($loginData['uname'] . ':' . $loginData['uident_text'] . ':' . $loginData['chalvalue']));
             $loginData['uident_superchallenged'] = (string) md5(($loginData['uname'] . ':' . md5($loginData['uident_text']) . ':' . $loginData['chalvalue']));
             $isProcessed = TRUE;
         }
         return $isProcessed;
     }

     public function getUser() {
         $user = FALSE;
         if ($this->login['status'] == 'login') {
             if ($this->login['uident']) {
                 $user = $this->fetchUserRecord($this->login['uname']);
                 if (!is_array($user)) {
                     // Failed login attempt (no username found)
                     $this->writelog(255, 3, 3, 2, 'Login-attempt from %s (%s), username \'%s\' not found!!', array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
                     // Logout written to log
                     \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf('Login-attempt from %s (%s), username \'%s\' not found!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']), 'Core', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_WARNING);
                 } else {
                     if ($this->writeDevLog) {
                         \TYPO3\CMS\Core\Utility\GeneralUtility::devLog('User found: ' . \TYPO3\CMS\Core\Utility\GeneralUtility::arrayToLogString($user, array($this->db_user['userid_column'], $this->db_user['username_column'])), 'TYPO3\\CMS\\Sv\\AuthenticationService');
                     }
                 }
             } else {
                 // Failed Login attempt (no password given)
                 $this->writelog(255, 3, 3, 2, 'Login-attempt from %s (%s) for username \'%s\' with an empty password!', array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
                 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf('Login-attempt from %s (%s), for username \'%s\' with an empty password!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']), 'Core', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_WARNING);
             }
         }
         return $user;
     }

     public function authUser(array $user) {
         $OK = 100;
         // This authentication service can only work correctly, if a non empty username along with a non empty password is provided.
         // Otherwise a different service is allowed to check for other login credentials
         if ((string)$this->login['uident'] !== '' && (string)$this->login['uname'] !== '') {
             // Checking password match for user:
             $OK = $this->compareUident($user, $this->login);
             if (!$OK) {
                 // Failed login attempt (wrong password) - write that to the log!
                 if ($this->writeAttemptLog) {
                     $this->writelog(255, 3, 3, 1, 'Login-attempt from %s (%s), username \'%s\', password not accepted!', array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
                     \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf('Login-attempt from %s (%s), username \'%s\', password not accepted!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']), 'Core', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_WARNING);
                 }
                 if ($this->writeDevLog) {
                     \TYPO3\CMS\Core\Utility\GeneralUtility::devLog('Password not accepted: ' . $this->login['uident'], 'TYPO3\\CMS\\Sv\\AuthenticationService', 2);
                 }
             }
             // Checking the domain (lockToDomain)
             if ($OK && $user['lockToDomain'] && $user['lockToDomain'] != $this->authInfo['HTTP_HOST']) {
                 // Lock domain didn't match, so error:
                 if ($this->writeAttemptLog) {
                     $this->writelog(255, 3, 3, 1, 'Login-attempt from %s (%s), username \'%s\', locked domain \'%s\' did not match \'%s\'!', array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']));
                     \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf('Login-attempt from %s (%s), username \'%s\', locked domain \'%s\' did not match \'%s\'!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']), 'Core', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_WARNING);
                 }
                 $OK = 0;
             }
         }
         return $OK;
     }

     public function getGroups($user, $knownGroups) {
         global $TYPO3_CONF_VARS;
         $groupDataArr = array();
         if ($this->mode == 'getGroupsFE') {
             $groups = array();
             if (is_array($user) && $user[$this->db_user['usergroup_column']]) {
                 $groupList = $user[$this->db_user['usergroup_column']];
                 $groups = array();
                 $this->getSubGroups($groupList, '', $groups);
             }
             // ADD group-numbers if the IPmask matches.
             if (is_array($TYPO3_CONF_VARS['FE']['IPmaskMountGroups'])) {
                 foreach ($TYPO3_CONF_VARS['FE']['IPmaskMountGroups'] as $IPel) {
                     if ($this->authInfo['REMOTE_ADDR'] && $IPel[0] && \TYPO3\CMS\Core\Utility\GeneralUtility::cmpIP($this->authInfo['REMOTE_ADDR'], $IPel[0])) {
                         $groups[] = (int)$IPel[1];
                     }
                 }
             }
             $groups = array_unique($groups);
             if (count($groups)) {
                 $list = implode(',', $groups);
                 if ($this->writeDevLog) {
                     \TYPO3\CMS\Core\Utility\GeneralUtility::devLog('Get usergroups with id: ' . $list, 'TYPO3\\CMS\\Sv\\AuthenticationService');
                 }
                 $lockToDomain_SQL =
                     ' AND ('
                         . 'lockToDomain=\'\''
                         . ' OR lockToDomain IS NULL'
                         . ' OR lockToDomain=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->authInfo['HTTP_HOST'], $this->db_groups['table'])
                     . ')';
                 if (!$this->authInfo['showHiddenRecords']) {
                     $hiddenP = 'AND hidden=0 ';
                 }
                 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 ' . $hiddenP . ' AND uid IN (' . $list . ')' . $lockToDomain_SQL);
                 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                     $groupDataArr[$row['uid']] = $row;
                 }
                 if ($res) {
                     $GLOBALS['TYPO3_DB']->sql_free_result($res);
                 }
             } else {
                 if ($this->writeDevLog) {
                     \TYPO3\CMS\Core\Utility\GeneralUtility::devLog('No usergroups found.', 'TYPO3\\CMS\\Sv\\AuthenticationService', 2);
                 }
             }
         } elseif ($this->mode == 'getGroupsBE') {

         }
         return $groupDataArr;
     }

     public function getSubGroups($grList, $idList = '', &$groups) {
         // Fetching records of the groups in $grList (which are not blocked by lockedToDomain either):
         $lockToDomain_SQL =
             ' AND ('
                 . 'lockToDomain=\'\''
                 . ' OR lockToDomain IS NULL'
                 . ' OR lockToDomain=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->authInfo['HTTP_HOST'], 'fe_groups')
             . ')';
         if (!$this->authInfo['showHiddenRecords']) {
             $hiddenP = 'AND hidden=0 ';
         }
         $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,subgroup', 'fe_groups', 'deleted=0 ' . $hiddenP . ' AND uid IN (' . $grList . ')' . $lockToDomain_SQL);
         // Internal group record storage
         $groupRows = array();
         // The groups array is filled
         while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
             if (!in_array($row['uid'], $groups)) {
                 $groups[] = $row['uid'];
             }
             $groupRows[$row['uid']] = $row;
         }
         // Traversing records in the correct order
         $include_staticArr = \TYPO3\CMS\Core\Utility\GeneralUtility::intExplode(',', $grList);
         // traversing list
         foreach ($include_staticArr as $uid) {
             // Get row:
             $row = $groupRows[$uid];
             // Must be an array and $uid should not be in the idList, because then it is somewhere previously in the grouplist
             if (is_array($row) && !\TYPO3\CMS\Core\Utility\GeneralUtility::inList($idList, $uid)) {
                 // Include sub groups
                 if (trim($row['subgroup'])) {
                     // Make integer list
                     $theList = implode(',', \TYPO3\CMS\Core\Utility\GeneralUtility::intExplode(',', $row['subgroup']));
                     // Call recursively, pass along list of already processed groups so they are not recursed again.
                     $this->getSubGroups($theList, $idList . ',' . $uid, $groups);
                 }
             }
         }
     }

 }
TYPO3

$TYPO3_CONF_VARS
$TYPO3_CONF_VARS['SYS']['contentTable']
Definition: ext_localconf.php:183

TYPO3\CMS\Sv\AbstractAuthenticationService\writelog
writelog($type, $action, $error, $details_nr, $details, $data, $tablename='', $recuid='', $recpid='')
Definition: AbstractAuthenticationService.php:134

TYPO3\CMS\Core\Utility\GeneralUtility\devLog
static devLog($msg, $extKey, $severity=0, $dataVar=FALSE)
Definition: GeneralUtility.php:5167

TYPO3\CMS\Core\Utility\GeneralUtility\intExplode
static intExplode($delimiter, $string, $removeEmptyValues=FALSE, $limit=0)
Definition: GeneralUtility.php:1470

$uid
$uid
Definition: server.php:36

TYPO3\CMS\Sv\AuthenticationService\processLoginData
processLoginData(array &$loginData, $passwordTransmissionStrategy)
Definition: AuthenticationService.php:32

TYPO3\CMS\Sv\AuthenticationService\authUser
authUser(array $user)
Definition: AuthenticationService.php:104

TYPO3\CMS\Sv\AuthenticationService\getSubGroups
getSubGroups($grList, $idList='', &$groups)
Definition: AuthenticationService.php:205

TYPO3\CMS\Sv\AbstractAuthenticationService
Definition: AbstractAuthenticationService.php:22

TYPO3\CMS\Sv\AbstractAuthenticationService\fetchUserRecord
fetchUserRecord($username, $extraWhere='', $dbUserSetup='')
Definition: AbstractAuthenticationService.php:154

TYPO3\CMS\Sv
Definition: AbstractAuthenticationService.php:2

$GLOBALS
if(!defined('TYPO3_MODE')) $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'][]
Definition: ext_localconf.php:5

TYPO3\CMS\Sv\AuthenticationService\getGroups
getGroups($user, $knownGroups)
Definition: AuthenticationService.php:142

TYPO3\CMS\Sv\AuthenticationService
Definition: AuthenticationService.php:22

TYPO3\CMS\Sv\AbstractAuthenticationService\compareUident
compareUident(array $user, array $loginData, $passwordCompareStrategy='')
Definition: AbstractAuthenticationService.php:105

TYPO3\CMS\Sv\AuthenticationService\getUser
getUser()
Definition: AuthenticationService.php:66