TYPO3 CMS  TYPO3_8-7
CommandLineUserAuthentication.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
22 
28 {
29 
34  protected $username = '_cli_';
35 
41  public function __construct()
42  {
43  if (!(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_CLI)) {
44  throw new \RuntimeException('Creating a CLI-based user object on non-CLI level is not allowed', 1483971165);
45  }
46  if (!$this->isUserAllowedToLogin()) {
47  throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1483971855);
48  }
49  $this->dontSetCookie = true;
50  parent::__construct();
51  }
52 
58  public function authenticate()
59  {
60  // check if a _CLI_ user exists, if not, create one
61  $this->setBeUserByName($this->username);
62  if (!$this->user['uid']) {
63  // create a new BE user in the database
64  if (!$this->checkIfCliUserExists()) {
65  $this->createCliUser();
66  } else {
67  throw new \RuntimeException('No backend user named "_cli_" could be authenticated, maybe this user is "hidden"?', 1484050401);
68  }
69  $this->setBeUserByName($this->username);
70  }
71  if (!$this->user['uid']) {
72  throw new \RuntimeException('No backend user named "_cli_" could be created.', 1476107195);
73  }
74  // The groups are fetched and ready for permission checking in this initialization.
75  $this->fetchGroupData();
76  $this->backendSetUC();
77  // activate this functionality for DataHandler
78  $this->uc['recursiveDelete'] = true;
79  }
80 
86  public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
87  {
88  $this->authenticate();
89  }
90 
97  protected function isUserAllowedToLogin()
98  {
99  return in_array((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'], [0, 2], true);
100  }
101 
108  protected function checkIfCliUserExists()
109  {
110  $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
111  $queryBuilder->getRestrictions()
112  ->removeAll()
113  ->add(GeneralUtility::makeInstance(DeletedRestriction::class));
114  $count = $queryBuilder
115  ->count('*')
116  ->from('be_users')
117  ->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter('_cli_')))
118  ->execute()
119  ->fetchColumn(0);
120  return (bool)$count;
121  }
122 
126  protected function createCliUser()
127  {
128  $userFields = [
129  'username' => $this->username,
130  'password' => $this->generateHashedPassword(),
131  'admin' => 1,
132  'tstamp' => $GLOBALS['EXEC_TIME'],
133  'crdate' => $GLOBALS['EXEC_TIME']
134  ];
135 
136  $databaseConnection = GeneralUtility::makeInstance(ConnectionPool::class)
137  ->getConnectionForTable('be_users');
138  $databaseConnection->insert('be_users', $userFields);
139  }
140 
146  protected function generateHashedPassword()
147  {
148  $cryptoService = GeneralUtility::makeInstance(Random::class);
149  $password = $cryptoService->generateRandomBytes(20);
150  $saltFactory = SaltFactory::getSaltingInstance(null, 'BE');
151  return $saltFactory->getHashedPassword($password);
152  }
153 }
static getSaltingInstance($saltedHash='', $mode=TYPO3_MODE)
Definition: SaltFactory.php:83
static makeInstance($className,... $constructorArguments)
if(TYPO3_MODE==='BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']