‪TYPO3CMS  ‪main
EmailLoginNotification.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Backend\Security;
19 
20 use Psr\Http\Message\ServerRequestInterface;
21 use Psr\Log\LoggerAwareInterface;
22 use Psr\Log\LoggerAwareTrait;
23 use Symfony\Component\Mailer\Exception\TransportException;
24 use Symfony\Component\Mime\Exception\RfcComplianceException;
25 use ‪TYPO3\CMS\Core\Attribute\AsEventListener;
26 use ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
27 use ‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
28 use ‪TYPO3\CMS\Core\Authentication\Event\AfterUserLoggedInEvent;
29 use ‪TYPO3\CMS\Core\Http\ServerRequestFactory;
30 use ‪TYPO3\CMS\Core\Mail\FluidEmail;
31 use ‪TYPO3\CMS\Core\Mail\MailerInterface;
32 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
33 
44 final class ‪EmailLoginNotification implements LoggerAwareInterface
45 {
46  use LoggerAwareTrait;
47 
48  private int ‪$warningMode = 0;
49  private string ‪$warningEmailRecipient = '';
50 
54  private ‪$request;
55 
56  public function ‪__construct(
57  private readonly ‪MailerInterface $mailer
58  ) {
59  $this->warningMode = (int)(‪$GLOBALS['TYPO3_CONF_VARS']['BE']['warning_mode'] ?? 0);
60  $this->warningEmailRecipient = ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'] ?? '';
61  }
62 
66  #[AsEventListener('typo3/cms-backend/login-notification')]
67  public function ‪emailAtLogin(‪AfterUserLoggedInEvent $event): void
68  {
69  if (!$event->‪getUser() instanceof ‪BackendUserAuthentication) {
70  return;
71  }
72  $currentUser = $event->‪getUser();
73  $user = $currentUser->user;
74  $genericLoginWarning = $this->warningMode > 0 && !empty($this->warningEmailRecipient);
75  $userLoginNotification = ($currentUser->uc['emailMeAtLogin'] ?? null) && GeneralUtility::validEmail($user['email']);
76  if (!$genericLoginWarning && !$userLoginNotification) {
77  return;
78  }
79  $this->request = $event->‪getRequest() ?? ‪$GLOBALS['TYPO3_REQUEST'] ?? ‪ServerRequestFactory::fromGlobals();
80 
81  if ($genericLoginWarning) {
82  $prefix = $currentUser->isAdmin() ? '[AdminLoginWarning]' : '[LoginWarning]';
83  if ($this->warningMode & 1) {
84  // First bit: Send warning email on any login
85  $this->‪sendEmail($this->warningEmailRecipient, $currentUser, $prefix);
86  } elseif ($currentUser->isAdmin() && $this->warningMode & 2) {
87  // Second bit: Only send warning email when an admin logs in
88  $this->‪sendEmail($this->warningEmailRecipient, $currentUser, $prefix);
89  }
90  }
91  // Trigger an email to the current BE user, if this has been enabled in the user configuration
92  if ($userLoginNotification) {
93  $this->‪sendEmail($user['email'], $currentUser);
94  }
95  }
96 
100  protected function ‪sendEmail(string $recipient, ‪AbstractUserAuthentication $user, ?string $subjectPrefix = null): void
101  {
102  $headline = 'TYPO3 Backend Login notification';
103  $recipients = explode(',', $recipient);
104  $email = GeneralUtility::makeInstance(FluidEmail::class)
105  ->to(...$recipients)
106  ->setRequest($this->request)
107  ->setTemplate('Security/LoginNotification')
108  ->assignMultiple([
109  'user' => $user->user,
110  'prefix' => $subjectPrefix,
111  'language' => ($user->user['lang'] ?? '') ?: 'default',
112  'headline' => $headline,
113  ]);
114  try {
115  $this->mailer->send($email);
116  } catch (TransportException $e) {
117  $this->logger->warning('Could not send notification email to "{recipient}" due to mailer settings error', [
118  'recipient' => $recipient,
119  'userId' => $user->user['uid'] ?? 0,
120  'recipientList' => $recipients,
121  'exception' => $e,
122  ]);
123  } catch (RfcComplianceException $e) {
124  $this->logger->warning('Could not send notification email to "{recipient}" due to invalid email address', [
125  'recipient' => $recipient,
126  'userId' => $user->user['uid'] ?? 0,
127  'recipientList' => $recipients,
128  'exception' => $e,
129  ]);
130  }
131  }
132 }
‪TYPO3\CMS\Backend\Security\EmailLoginNotification\$request
‪ServerRequestInterface $request
Definition: EmailLoginNotification.php:53
‪TYPO3\CMS\Core\Attribute\AsEventListener
Definition: AsEventListener.php:25
‪TYPO3\CMS\Core\Mail\MailerInterface
Definition: MailerInterface.php:28
‪TYPO3\CMS\Backend\Security\EmailLoginNotification
Definition: EmailLoginNotification.php:45
‪TYPO3\CMS\Core\Mail\FluidEmail
Definition: FluidEmail.php:35
‪TYPO3\CMS\Backend\Security\EmailLoginNotification\sendEmail
‪sendEmail(string $recipient, AbstractUserAuthentication $user, ?string $subjectPrefix=null)
Definition: EmailLoginNotification.php:99
‪TYPO3\CMS\Backend\Security\EmailLoginNotification\__construct
‪__construct(private readonly MailerInterface $mailer)
Definition: EmailLoginNotification.php:55
‪TYPO3\CMS\Core\Http\ServerRequestFactory
Definition: ServerRequestFactory.php:35
‪TYPO3\CMS\Backend\Security
Definition: CategoryPermissionsAspect.php:18
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:62
‪TYPO3\CMS\Backend\Security\EmailLoginNotification\emailAtLogin
‪emailAtLogin(AfterUserLoggedInEvent $event)
Definition: EmailLoginNotification.php:66
‪TYPO3\CMS\Backend\Security\EmailLoginNotification\$warningMode
‪int $warningMode
Definition: EmailLoginNotification.php:48
‪TYPO3\CMS\Backend\Security\EmailLoginNotification\$warningEmailRecipient
‪string $warningEmailRecipient
Definition: EmailLoginNotification.php:49
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Authentication\Event\AfterUserLoggedInEvent\getRequest
‪getRequest()
Definition: AfterUserLoggedInEvent.php:38
‪TYPO3\CMS\Core\Authentication\Event\AfterUserLoggedInEvent\getUser
‪getUser()
Definition: AfterUserLoggedInEvent.php:33
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:52
‪TYPO3\CMS\Core\Authentication\Event\AfterUserLoggedInEvent
Definition: AfterUserLoggedInEvent.php:27
‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
Definition: AbstractUserAuthentication.php:65
‪TYPO3\CMS\Core\Http\ServerRequestFactory\fromGlobals
‪static ServerRequest fromGlobals()
Definition: ServerRequestFactory.php:59