‪TYPO3CMS  ‪main
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification Class Reference
Inheritance diagram for TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification:
TYPO3\CMS\Core\Log\LogDataTrait

Public Member Functions

 __construct (string $notificationRecipientEmailAddress=null, protected readonly int $warningPeriod=3600, protected readonly int $failedLoginAttemptsThreshold=3)
 
 __invoke (LoginAttemptFailedEvent|MfaVerificationFailedEvent $event)
 

Protected Member Functions

array getLoginFailures (int $earliestTimeToCheckForFailures)
 
 sendLoginAttemptEmail (array $previousFailures, ServerRequestInterface $request)
 
 createPreparedQueryBuilder (int $earliestLogDate, int $loginAction)
 
- ‪Protected Member Functions inherited from ‪TYPO3\CMS\Core\Log\LogDataTrait
 unserializeLogData (mixed $logData)
 
 formatLogDetails (string $detailString, mixed $substitutes)
 

Protected Attributes

string $notificationRecipientEmailAddress
 

Additional Inherited Members

- ‪Static Protected Member Functions inherited from ‪TYPO3\CMS\Core\Log\LogDataTrait
static formatLogDetailsStatic (string $detailString, array $substitutes)
 

Detailed Description

Sends out an email for failed logins in TYPO3 Backend when a certain threshold of failed logins during a certain timeframe has happened.

Relevant settings: $GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr']

this class is not part of the TYPO3 Core API as this is a concrete event listener implementation

Definition at line 46 of file FailedLoginAttemptNotification.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification::__construct ( string  $notificationRecipientEmailAddress = null,
protected readonly int  $warningPeriod = 3600,
protected readonly int  $failedLoginAttemptsThreshold = 3 
)
Parameters
string | null$notificationRecipientEmailAddress‪The receiver of the notification
int$warningPeriod‪Time span (in seconds) within the number of failed logins are collected. Number of sections back in time to check. This is a kind of limit for how many failures an hour.
int$failedLoginAttemptsThreshold‪The maximum accepted number of warnings before an email to $notificationRecipientEmailAddress is sent

Definition at line 56 of file FailedLoginAttemptNotification.php.

References $GLOBALS, and TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\$notificationRecipientEmailAddress.

Member Function Documentation

◆ __invoke()

TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification::__invoke ( LoginAttemptFailedEvent|MfaVerificationFailedEvent  $event)

Sends a warning email if there has been a certain amount of failed logins during a period. If a login fails, this function is called. It will look up the sys_log to see if there have been more than $failedLoginAttemptsThreshold failed logins the last X seconds (default 3600, see $warningPeriod). If so, an email with a warning is sent. This also includes failed multi-factor authentication failures.

Definition at line 73 of file FailedLoginAttemptNotification.php.

References $GLOBALS, TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\getLoginFailures(), TYPO3\CMS\Core\Authentication\Event\AbstractAuthenticationFailedEvent\getRequest(), TYPO3\CMS\Core\Authentication\Event\MfaVerificationFailedEvent\getUser(), TYPO3\CMS\Core\Authentication\Event\AbstractAuthenticationFailedEvent\isBackendAttempt(), and TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\sendLoginAttemptEmail().

◆ createPreparedQueryBuilder()

TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification::createPreparedQueryBuilder ( int  $earliestLogDate,
int  $loginAction 
)
protected

Definition at line 163 of file FailedLoginAttemptNotification.php.

References TYPO3\CMS\Core\Database\Connection\PARAM_INT.

Referenced by TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\getLoginFailures().

◆ getLoginFailures()

array TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification::getLoginFailures ( int  $earliestTimeToCheckForFailures)
protected

Retrieves all failed logins within a given timeframe until now.

Parameters
int$earliestTimeToCheckForFailures‪A UNIX timestamp that acts as the "earliest" date to check within the logs
Returns
‪array a list of sys_log entries since the earliest, or empty if no entries have been logged

Definition at line 109 of file FailedLoginAttemptNotification.php.

References TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\createPreparedQueryBuilder().

Referenced by TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\__invoke().

◆ sendLoginAttemptEmail()

TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification::sendLoginAttemptEmail ( array  $previousFailures,
ServerRequestInterface  $request 
)
protected

Sends out an email if the number of attempts have exceeded a limit.

Parameters
array$previousFailures‪sys_log entries that have been logged since the last time a notification was sent

Definition at line 135 of file FailedLoginAttemptNotification.php.

References TYPO3\CMS\Core\Log\LogDataTrait\formatLogDetails().

Referenced by TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\__invoke().

Member Data Documentation

◆ $notificationRecipientEmailAddress

string TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification::$notificationRecipientEmailAddress
protected

Definition at line 49 of file FailedLoginAttemptNotification.php.

Referenced by TYPO3\CMS\Backend\EventListener\FailedLoginAttemptNotification\__construct().