TYPO3 CMS  TYPO3_8-7
Public Member Functions | Static Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication Class Reference
Inheritance diagram for TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication:
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication

Public Member Functions

 __construct ()
 
 start ()
 
 getNewSessionRecord ($tempuser)
 
 isSetSessionCookie ()
 
 isRefreshTimeBasedCookie ()
 
 getLoginFormData ()
 
 createUserSession ($tempuser)
 
 fetchGroupData ()
 
 getUserTSconf ()
 
 storeSessionData ()
 
 removeSessionData ()
 
 getKey ($type, $key)
 
 setKey ($type, $key, $data)
 
 setSessionData ($key, $data)
 
 setAndSaveSessionData ($key, $data)
 
 record_registration ($recs, $maxSizeOfSessionData=0)
 
 gc ()
 
 hideActiveLogin ()
 
- Public Member Functions inherited from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 __construct ()
 
 start ()
 
 isSetSessionCookie ()
 
 isRefreshTimeBasedCookie ()
 
 createSessionId ()
 
 createUserSession ($tempuser)
 
 getNewSessionRecord ($tempuser)
 
 fetchUserSession ($skipSessionUpdate=false)
 
 enforceNewSessionId ()
 
 logoff ()
 
 removeCookie ($cookieName)
 
 isExistingSessionRecord ($id)
 
 isCookieSet ()
 
 veriCode ()
 
 writeUC ($variable='')
 
 unpack_uc ($theUC='')
 
 pushModuleData ($module, $data, $noSave=0)
 
 getModuleData ($module, $type='')
 
 getSessionData ($key)
 
 setSessionData ($key, $data)
 
 setAndSaveSessionData ($key, $data)
 
 getLoginFormData ()
 
 processLoginData ($loginData, $passwordTransmissionStrategy='')
 
 getAuthInfoArray ()
 
 compareUident ($user, $loginData, $passwordCompareStrategy='')
 
 gc ()
 
 writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)
 
 checkLogFailures ($email, $secondsBack, $maxFailures)
 
 setBeUserByUid ($uid)
 
 setBeUserByName ($name)
 
 getRawUserByUid ($uid)
 
 getRawUserByName ($name)
 
 fetchUserRecord ($dbUser, $username, $extraWhere='')
 
 getSessionId ()
 
 getLoginType ()
 

Static Public Member Functions

static getCookieName ()
 

Public Attributes

 $formfield_permanent = 'permalogin'
 
 $sessionTimeout = 6000
 
 $usergroup_column = 'usergroup'
 
 $usergroup_table = 'fe_groups'
 
 $groupData
 
 $TSdataArray = []
 
 $userTS = []
 
 $userTSUpdated = false
 
 $sesData_change = false
 
 $userData_change = false
 
 $is_permanent = false
 
- Public Attributes inherited from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 $name = ''
 
 $get_name = ''
 
 $user_table = ''
 
 $usergroup_table = ''
 
 $username_column = ''
 
 $userident_column = ''
 
 $userid_column = ''
 
 $usergroup_column = ''
 
 $lastLogin_column = ''
 
 $enablecolumns
 
 $showHiddenRecords = false
 
 $formfield_uname = ''
 
 $formfield_uident = ''
 
 $formfield_status = ''
 
 $sessionTimeout = 0
 
 $auth_timeout_field = ''
 
 $lifetime = 0
 
 $gc_time = 0
 
 $gc_probability = 1
 
 $writeStdLog = false
 
 $writeAttemptLog = false
 
 $sendNoCacheHeaders = true
 
 $getFallBack = false
 
 $hash_length = 32
 
 $getMethodEnabled = false
 
 $lockIP = 4
 
 $warningEmail = ''
 
 $warningPeriod = 3600
 
 $warningMax = 3
 
 $checkPid = true
 
 $checkPid_value = 0
 
 $id
 
 $loginFailure = false
 
 $loginSessionStarted = false
 
 $user = null
 
 $get_URL_ID = ''
 
 $newSessionID = false
 
 $forceSetCookie = false
 
 $dontSetCookie = false
 
 $loginType = ''
 
 $svConfig = []
 
 $writeDevLog = false
 
 $uc
 

Protected Member Functions

 performLogoff ()
 
 regenerateSessionId (array $existingSessionRecord=[], bool $anonymous=false)
 
- Protected Member Functions inherited from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 setSessionCookie ()
 
 getCookieDomain ()
 
 getCookie ($cookieName)
 
 getAuthServices (string $subType, array $loginData, array $authInfo)
 
 regenerateSessionId (array $existingSessionRecord=[], bool $anonymous=false)
 
 updateLoginTimestamp (int $userId)
 
 performLogoff ()
 
 userConstraints ()
 
 user_where_clause ()
 
 ipLockClause_remoteIPNumber ($parts)
 
 getSessionBackend ()
 

Protected Attributes

 $sessionDataLifetime = 86400
 
 $loginHidden = false
 
- Protected Attributes inherited from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 $cookieWasSetOnCurrentRequest = false
 
 $sessionBackend
 
 $sessionData = []
 

Detailed Description

Extension class for Front End User Authentication.

Definition at line 25 of file FrontendUserAuthentication.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::__construct ( )

Default constructor.

Definition at line 109 of file FrontendUserAuthentication.php.

References $GLOBALS.

Member Function Documentation

◆ createUserSession()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::createUserSession (   $tempuser)

Creates a user session record and returns its values. However, as the FE user cookie is normally not set, this has to be done before the parent class is doing the rest.

Parameters
array$tempuserUser data array
Returns
array The session data for the newly created session.

Definition at line 251 of file FrontendUserAuthentication.php.

◆ fetchGroupData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::fetchGroupData ( )

Will select all fe_groups records that the current fe_user is member of and which groups are also allowed in the current domain. It also accumulates the TSconfig for the fe_user/fe_groups in ->TSdataArray

Returns
int Returns the number of usergroups for the frontend users (if the internal user record exists and the usergroup field contains a value)

Definition at line 267 of file FrontendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$groupData, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$loginType, TYPO3\CMS\Core\Utility\GeneralUtility\arrayToLogString(), TYPO3\CMS\Core\Utility\GeneralUtility\devLog(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getAuthInfoArray(), and TYPO3\CMS\Core\Utility\GeneralUtility\makeInstanceService().

◆ gc()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::gc ( )

Garbage collector, removing old expired sessions.

Definition at line 624 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

◆ getCookieName()

static TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getCookieName ( )
static

Returns the configured cookie name

Returns
string

Definition at line 147 of file FrontendUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController\initFEuser().

◆ getKey()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getKey (   $type,
  $key 
)

Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)

Parameters
string$typeSession data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string$keyKey from the data array to return; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines which key to return the value for.
Returns
mixed Returns whatever value there was in the array for the key, $key
See also
setKey()

Definition at line 503 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionData().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\record_registration().

◆ getLoginFormData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getLoginFormData ( )

Returns an info array with Login/Logout data submitted by a form or params

Returns
array
See also
AbstractUserAuthentication::getLoginFormData()

Definition at line 216 of file FrontendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Utility\GeneralUtility\_GP(), and TYPO3\CMS\Core\Utility\GeneralUtility\_POST().

◆ getNewSessionRecord()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getNewSessionRecord (   $tempuser)

Returns a new session record for the current user for insertion into the DB.

Parameters
array$tempuser
Returns
array User session record

Definition at line 180 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ getUserTSconf()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getUserTSconf ( )

Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.

Returns
array TSconfig array for the fe_user

Definition at line 357 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$userTS, TYPO3\CMS\Core\TypoScript\Parser\TypoScriptParser\checkIncludeLines_array(), and TYPO3\CMS\Core\Utility\GeneralUtility\makeInstance().

◆ hideActiveLogin()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::hideActiveLogin ( )

Hide the current login

This is used by the fe_login_mode feature for pages. A current login is unset, but we remember that there has been one.

Definition at line 635 of file FrontendUserAuthentication.php.

◆ isRefreshTimeBasedCookie()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::isRefreshTimeBasedCookie ( )

Determine whether a non-session cookie needs to be set (lifetime>0)

Returns
bool

Definition at line 205 of file FrontendUserAuthentication.php.

◆ isSetSessionCookie()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::isSetSessionCookie ( )

Determine whether a session cookie needs to be set (lifetime=0)

Returns
bool

Definition at line 193 of file FrontendUserAuthentication.php.

◆ performLogoff()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::performLogoff ( )
protected

Removes the current session record, sets the internal ->user array to null, Thereby the current user (if any) is effectively logged out! Additionally the cookie is removed, but only if there is no session data. If session data exists, only the user information is removed and the session gets converted into an anonymous session if the feature toggle "security.frontend.keepSessionDataOnLogout" is set to true (default: false).

Definition at line 447 of file FrontendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$sessionData, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\regenerateSessionId(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeCookie().

◆ record_registration()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::record_registration (   $recs,
  $maxSizeOfSessionData = 0 
)

Registration of records/"shopping basket" in session data This will take the input array, $recs, and merge into the current "recs" array found in the session data. If a change in the recs storage happens (which it probably does) the function setKey() is called in order to store the array again.

Parameters
array$recsThe data array to merge into/override the current recs values. The $recs array is constructed as [table]][uid] = scalar-value (eg. string/integer).
int$maxSizeOfSessionDataThe maximum size of stored session data. If zero, no limit is applied and even confirmation of cookie session is discarded.
Deprecated:
since TYPO3 v8, will be removed in TYPO3 v9. Automatically feeding a "basket" by magic GET/POST keyword "recs" has been deprecated.

Definition at line 591 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getKey(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), TYPO3\CMS\Core\Utility\GeneralUtility\logDeprecatedFunction(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setKey().

◆ regenerateSessionId()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::regenerateSessionId ( array  $existingSessionRecord = [],
bool  $anonymous = false 
)
protected

Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated. Forces cookie to be set

Parameters
array$existingSessionRecordIf given, this session record will be used instead of fetching again'
bool$anonymousIf true session will be regenerated as anonymous session

Definition at line 480 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\performLogoff().

◆ removeSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::removeSessionData ( )

Removes data of the current session.

Definition at line 420 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setAndSaveSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setAndSaveSessionData (   $key,
  $data 
)

Saves the tokens so that they can be used by a later incarnation of this class.

Parameters
string$key
mixed$data

Definition at line 576 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setSessionData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setKey()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setKey (   $type,
  $key,
  $data 
)

Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details. When a value is set the flags $this->userData_change or $this->sesData_change will be set so that the final call to ->storeSessionData() will know if a change has occurred and needs to be saved to the database. Notice: The key "recs" is already used by the function record_registration() which stores table/uid=value pairs in that key. This is used for the shopping basket among other things. Notice: Simply calling this function will not save the data to the database! The actual saving is done in storeSessionData() which is called as some of the last things in . So if you exit before this point, nothing gets saved of course! And the solution is to call $GLOBALS['TSFE']->storeSessionData(); before you exit.

Parameters
string$typeSession data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string$keyKey from the data array to store incoming data in; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines in which key the $data value will be stored.
mixed$dataThe data value to store in $key
See also
setKey(), storeSessionData(), record_registration()

Definition at line 531 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setSessionData().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\record_registration().

◆ setSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setSessionData (   $key,
  $data 
)

Set session data by key. The data will last only for this login session since it is stored in the user session.

Parameters
string$keyA non empty string to store the data under
mixed$dataData store store in session

Definition at line 560 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setAndSaveSessionData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setKey().

◆ start()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::start ( )

Starts a user session

See also
AbstractUserAuthentication::start()

Definition at line 161 of file FrontendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$lifetime.

◆ storeSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::storeSessionData ( )

Will write UC and session data. If the flag $this->userData_change has been set, the function ->writeUC is called (which will save persistent user session data) If the flag $this->sesData_change has been set, the current session record is updated with the content of $this->sessionData

See also
getKey(), setKey()

Definition at line 383 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getNewSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionBackend(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isCookieSet(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\isExistingSessionRecord(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\removeCookie(), TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\removeSessionData(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionCookie(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writeUC().

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\setAndSaveSessionData().

Member Data Documentation

◆ $formfield_permanent

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$formfield_permanent = 'permalogin'

Definition at line 33 of file FrontendUserAuthentication.php.

◆ $groupData

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$groupData
Initial value:
= [
'title' => []

Definition at line 64 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\fetchGroupData().

◆ $is_permanent

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$is_permanent = false

Definition at line 99 of file FrontendUserAuthentication.php.

◆ $loginHidden

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$loginHidden = false
protected

Definition at line 104 of file FrontendUserAuthentication.php.

◆ $sesData_change

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$sesData_change = false

Definition at line 89 of file FrontendUserAuthentication.php.

◆ $sessionDataLifetime

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$sessionDataLifetime = 86400
protected

Definition at line 39 of file FrontendUserAuthentication.php.

◆ $sessionTimeout

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$sessionTimeout = 6000

Definition at line 49 of file FrontendUserAuthentication.php.

◆ $TSdataArray

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$TSdataArray = []

Definition at line 74 of file FrontendUserAuthentication.php.

◆ $userData_change

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userData_change = false

Definition at line 94 of file FrontendUserAuthentication.php.

◆ $usergroup_column

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$usergroup_column = 'usergroup'

Definition at line 54 of file FrontendUserAuthentication.php.

◆ $usergroup_table

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$usergroup_table = 'fe_groups'

Definition at line 59 of file FrontendUserAuthentication.php.

◆ $userTS

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userTS = []

Definition at line 79 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getUserTSconf().

◆ $userTSUpdated

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userTSUpdated = false

Definition at line 84 of file FrontendUserAuthentication.php.