‪TYPO3CMS  ‪main
TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication Class Reference
Inheritance diagram for TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication:

Public Member Functions

 __construct ()
array getLoginFormData (ServerRequestInterface $request)
UserSession createUserSession (array $tempuser)
 fetchGroupData (ServerRequestInterface $request)
 createUserAspect (bool $respectUserGroups=true)
 storeSessionData ()
 removeSessionData ()
mixed getKey ($type, $key)
 setKey ($type, $key, $data)
 setAndSaveSessionData ($key, $data)
 updateOnlineTimestamp ()
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 initializeUserSessionManager (?UserSessionManager $userSessionManager=null)
 start (ServerRequestInterface $request)
 appendCookieToResponse (ResponseInterface $response, ?NormalizedParams $normalizedParams=null)
 checkAuthentication (ServerRequestInterface $request)
 isMfaSetupRequired ()
 enforceNewSessionId ()
 logoff ()
 removeCookie ($cookieName=null)
 writeUC ()
 pushModuleData (string $module, mixed $data, bool $dontPersistImmediately=false)
mixed getModuleData (string $module, string $type='')
mixed getSessionData ($key)
 setSessionData ($key, $data)
 isActiveLogin (ServerRequestInterface $request)
array processLoginData (array $loginData, ServerRequestInterface $request)
array getAuthInfoArray (ServerRequestInterface $request)
 writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)
 setBeUserByUid ($uid)
 setBeUserByName ($name)
array getRawUserByUid ($uid)
array getRawUserByName ($name)
 getUserId ()
 getUserName ()
 getSession ()

Static Public Member Functions

static getCookieName ()

Public Attributes

string $loginType = 'FE'
string $user_table = 'fe_users'
string $username_column = 'username'
string $userident_column = 'password'
string $userid_column = 'uid'
string $usergroup_column = 'usergroup'
string $usergroup_table = 'fe_groups'
array $enablecolumns
array $groupData
- ‪Public Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
string $name = ''
string $user_table = ''
string $usergroup_table = ''
string $username_column = ''
string $userident_column = ''
string $userid_column = ''
string $usergroup_column = ''
array $enablecolumns
bool $writeStdLog = false
bool $writeAttemptLog = false
bool $checkPid = true
int string null $checkPid_value = 0
array null $user
array $userGroups = []
string $loginType = ''
array $uc = []

Protected Member Functions

bool isSetSessionCookie ()
bool isRefreshTimeBasedCookie ()
 regenerateSessionId ()
- ‪Protected Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 setSessionCookie ()
 shallSetSessionCookie ()
 getAuthServiceConfiguration ()
 fetchPossibleUsers (array $loginData, bool $activeLogin, bool $isExistingSession, ?array $authenticatedUserFromSession, ServerRequestInterface $request)
 evaluateMfaRequirements ()
Traversable getAuthServices (string $subType, array $loginData, ?array $authenticatedUserFromSession, ServerRequestInterface $request)
 updateLoginTimestamp (int $userId)
 fetchValidUserFromSessionOrDestroySession (bool $skipSessionUpdate=false)
 performLogoff ()
bool isCookieSet ()
 userConstraints ()
 unpack_uc ()
mixed removeSensitiveLoginDataForLoggingInfo ($data, bool $isUserRecord=false)

Protected Attributes

string $formfield_uname = 'user'
string $formfield_uident = 'pass'
string $formfield_status = 'logintype'
string $formfield_permanent = 'permalogin'
string $lastLogin_column = 'lastlogin'
bool $userData_change = false
bool $is_permanent = false
bool $forceSetCookie = false
bool $dontSetCookie = true
- ‪Protected Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
string $lastLogin_column = ''
string $formfield_uname = ''
string $formfield_uident = ''
string $formfield_status = ''
bool $loginSessionStarted = false
bool $dontSetCookie = false
UserSession $userSession = null
UserSessionManager $userSessionManager
SetCookieBehavior $setCookie = SetCookieBehavior::None

Detailed Description

Extension class for Front End User Authentication.

Definition at line 32 of file FrontendUserAuthentication.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::__construct ( )

Member Function Documentation

◆ createUserAspect()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::createUserAspect ( bool  $respectUserGroups = true)

Initializes the front-end user groups for the context API, based on the user groups and the logged-in state.

bool$respectUserGroups‪used to disable the inclusion of the users' groups

Definition at line 287 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$userGroups, and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\updateOnlineTimestamp().

◆ createUserSession()

UserSession TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::createUserSession ( array  $tempuser)

Creates a user session record and returns its values. However, as the FE user cookie is normally not set, this has to be done before the parent class is doing the rest.

array$tempuser‪User data array
‪UserSession The session data for the newly created session.

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 219 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$is_permanent, and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\updateLoginTimestamp().

◆ fetchGroupData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::fetchGroupData ( ServerRequestInterface  $request)

Will select all fe_groups records that the current fe_user is member of.


Definition at line 241 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$groupData, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getUserId(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getUserName().

◆ getCookieName()

static TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getCookieName ( )

Returns the configured cookie name

Definition at line 149 of file FrontendUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\__construct().

◆ getKey()

mixed TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getKey (   $type,

Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)

string$type‪Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string$key‪Key from the data array to return; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines which key to return the value for.
‪mixed Returns whatever value there was in the array for the key, $key
See also

Definition at line 401 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionData().

◆ getLoginFormData()

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getLoginFormData ( ServerRequestInterface  $request)

Returns an info array with Login/Logout data submitted by a form or params

See also

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 183 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\$formfield_permanent, $GLOBALS, and TYPO3\CMS\Webhooks\Message\$loginData.

◆ isRefreshTimeBasedCookie()

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::isRefreshTimeBasedCookie ( )

Determine whether a non-session cookie needs to be set (lifetime>0)


Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 172 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Http\SetCookieService\create().

◆ isSetSessionCookie()

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::isSetSessionCookie ( )

Determine whether a session cookie needs to be set (lifetime=0)


Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 161 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Http\SetCookieService\create().

◆ regenerateSessionId()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::regenerateSessionId ( )

Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated. Forces cookie to be set

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 385 of file FrontendUserAuthentication.php.

◆ removeSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::removeSessionData ( )

Removes data of the current session.

Definition at line 366 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setAndSaveSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setAndSaveSessionData (   $key,

Saves the tokens so that they can be used by a later incarnation of this class.


Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 457 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionData(), and TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\storeSessionData().

◆ setKey()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::setKey (   $type,

Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details. When a value is set the flag $this->userData_change will be set so that the final call to ->storeSessionData() will know if a change has occurred and needs to be saved to the database. Notice: Simply calling this function will not save the data to the database! The actual saving is done in storeSessionData() which is called as some of the last things in \TYPO3\CMS\Frontend\Http\RequestHandler. So if you exit before this point, nothing gets saved of course! And the solution is to call $GLOBALS['TSFE']->storeSessionData(); before you exit.

string$type‪Session data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string$key‪Key from the data array to store incoming data in; The session data (in either case) is an array ($this->uc / $this->sessionData) and this value determines in which key the $data value will be stored.
mixed$data‪The data value to store in $key
See also

Definition at line 429 of file FrontendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\setSessionData().

◆ storeSessionData()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::storeSessionData ( )

◆ updateOnlineTimestamp()

TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::updateOnlineTimestamp ( )

Update the field "is_online" every 60 seconds of a logged-in user

Definition at line 468 of file FrontendUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\createUserAspect().

Member Data Documentation

◆ $dontSetCookie

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$dontSetCookie = true

Will prevent the setting of the session cookie (takes precedence over forceSetCookie) Disable cookie by default, will be activated if saveSessionData() is called, a user is logging-in or an existing session is found

Definition at line 137 of file FrontendUserAuthentication.php.

◆ $enablecolumns

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$enablecolumns
Initial value:
= array(
'deleted' => 'deleted',
'disabled' => 'disable',
'starttime' => 'starttime',
'endtime' => 'endtime',

Enable field columns of user table

Definition at line 102 of file FrontendUserAuthentication.php.

◆ $forceSetCookie

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$forceSetCookie = false

Will force the session cookie to be set every time (lifetime must be 0).

Definition at line 129 of file FrontendUserAuthentication.php.

◆ $formfield_permanent

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$formfield_permanent = 'permalogin'

form field with 0 or 1 1 = permanent login enabled 0 = session is valid for a browser session only

Definition at line 63 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\getLoginFormData().

◆ $formfield_status

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$formfield_status = 'logintype'

Form field with status: *'login', 'logout'. If empty login is not verified.

Definition at line 55 of file FrontendUserAuthentication.php.

◆ $formfield_uident

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$formfield_uident = 'pass'

Form field with password

Definition at line 49 of file FrontendUserAuthentication.php.

◆ $formfield_uname

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$formfield_uname = 'user'

Form field with login-name

Definition at line 43 of file FrontendUserAuthentication.php.

◆ $groupData

array TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$groupData
Initial value:
= array(
'title' => [],
'uid' => [],
'pid' => [],

Definition at line 111 of file FrontendUserAuthentication.php.

Referenced by TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication\fetchGroupData().

◆ $is_permanent

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$is_permanent = false

◆ $lastLogin_column

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$lastLogin_column = 'lastlogin'

Column name for last login timestamp

Definition at line 89 of file FrontendUserAuthentication.php.

◆ $loginType

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$loginType = 'FE'

Login type, used for services.

Definition at line 37 of file FrontendUserAuthentication.php.

◆ $user_table

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$user_table = 'fe_users'

Table in database with user data

Definition at line 68 of file FrontendUserAuthentication.php.

◆ $userData_change

bool TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userData_change = false

Definition at line 119 of file FrontendUserAuthentication.php.

◆ $usergroup_column

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$usergroup_column = 'usergroup'

Definition at line 93 of file FrontendUserAuthentication.php.

◆ $usergroup_table

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$usergroup_table = 'fe_groups'

Definition at line 97 of file FrontendUserAuthentication.php.

◆ $userid_column

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userid_column = 'uid'

Column for user-id

Definition at line 83 of file FrontendUserAuthentication.php.

◆ $userident_column

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$userident_column = 'password'

Column for password

Definition at line 78 of file FrontendUserAuthentication.php.

◆ $username_column

string TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::$username_column = 'username'

Column for login-name

Definition at line 73 of file FrontendUserAuthentication.php.