‪TYPO3CMS  ‪main
PasswordVerification.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
27 
36 {
37  public function ‪__construct(
38  protected readonly ‪PasswordHashFactory $passwordHashFactory
39  ) {}
40 
44  public function ‪verifyInstallToolPassword(string $password): bool
45  {
46  $installToolPassword = ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'] ?? null;
47  if ($password === '') {
48  return false;
49  }
50 
51  try {
52  return $this->passwordHashFactory
53  ->get($installToolPassword, 'BE')
54  ->checkPassword($password, $installToolPassword);
56  return false;
57  }
58  }
59 
64  public function ‪verifyBackendUserPassword(string $password, ‪BackendUserAuthentication $backendUser): bool
65  {
66  if ($password === '') {
67  return false;
68  }
69 
70  // clone the current backend user object to avoid
71  // possible side effects for the real instance
72  $backendUser = clone $backendUser;
73  ‪$loginData = [
74  'status' => 'sudo-mode',
75  'origin' => BackendModuleController::class,
76  'uname' => $backendUser->user['username'],
77  'uident' => $password,
78  ];
79  // currently there is no dedicated API to perform authentication
80  // that's why this process partially has to be simulated here
81  $fakeRequest = new ‪ServerRequest();
82  ‪$loginData = $backendUser->processLoginData(‪$loginData, $fakeRequest);
83  $authInfo = $backendUser->getAuthInfoArray($fakeRequest);
84 
85  $authenticated = false;
87  foreach ($this->getAuthServices($backendUser, ‪$loginData, $authInfo) as ‪$service) {
88  $ret = ‪$service->authUser($backendUser->user);
89  if ($ret <= 0) {
90  return false;
91  }
92  if ($ret >= 200) {
93  return true;
94  }
95  if ($ret < 100) {
96  $authenticated = true;
97  }
98  }
99  return $authenticated;
100  }
101 
109  protected function getAuthServices(‪BackendUserAuthentication $backendUser, array ‪$loginData, array $authInfo): \Generator
110  {
111  $serviceChain = [];
112  $subType = 'authUserBE';
113  while (‪$service = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain)) {
115  $serviceChain[] = ‪$service->getServiceKey();
116  if (!is_object(‪$service)) {
117  continue;
118  }
119  ‪$service->initAuth($subType, ‪$loginData, $authInfo, $backendUser);
120  yield ‪$service;
121  }
122  }
123 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory
Definition: PasswordHashFactory.php:27
‪TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
Definition: InvalidPasswordHashException.php:25
‪TYPO3\CMS\Backend\Security\SudoMode
‪TYPO3\CMS\Backend\Security\SudoMode\PasswordVerification\verifyInstallToolPassword
‪verifyInstallToolPassword(string $password)
Definition: PasswordVerification.php:44
‪TYPO3\CMS\Backend\Security\SudoMode\PasswordVerification\verifyBackendUserPassword
‪verifyBackendUserPassword(string $password, BackendUserAuthentication $backendUser)
Definition: PasswordVerification.php:64
‪TYPO3\CMS\Backend\Security\SudoMode\PasswordVerification\__construct
‪__construct(protected readonly PasswordHashFactory $passwordHashFactory)
Definition: PasswordVerification.php:37
‪TYPO3\CMS\Webhooks\Message\$loginData
‪identifier readonly UriInterface readonly array $loginData
Definition: LoginErrorOccurredMessage.php:37
‪TYPO3\CMS\Backend\Security\SudoMode\PasswordVerification
Definition: PasswordVerification.php:36
‪TYPO3\CMS\Core\Http\ServerRequest
Definition: ServerRequest.php:39
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:61
‪TYPO3\CMS\Core\Authentication\AuthenticationService
Definition: AuthenticationService.php:32
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:52
‪TYPO3\CMS\Backend\Security\SudoMode\PasswordVerification\$service
‪yield $service
Definition: PasswordVerification.php:120
‪TYPO3\CMS\Install\Controller\BackendModuleController
Definition: BackendModuleController.php:41