PasswordRecoveryController extends ActionController

A multi action controller. This is by far the most common base class for Controllers.

Internal

this is a concrete TYPO3 implementation and solely used for EXT:felogin and not part of TYPO3's Core API.

Table of Contents

Properties

$actionMethodName  : non-empty-string
Name of the action method
$arguments  : Arguments
$configurationManager  : ConfigurationManagerInterface
$defaultViewObjectName  : class-string|null
The default view class to use. Keep this 'null' for default fluid view, or set to 'JsonView::class' or some inheriting class.
$errorMethodName  : string
Name of the special error action method which is called in case of errors
$eventDispatcher  : EventDispatcherInterface
$features  : Features
$fileHandlingService  : FileHandlingService
$hashService  : HashService
$mvcPropertyMappingConfigurationService  : MvcPropertyMappingConfigurationService
$pageRepository  : PageRepository
$recoveryConfiguration  : RecoveryConfiguration
$recoveryService  : RecoveryService
$reflectionService  : ReflectionService
$request  : RequestInterface
$responseFactory  : ResponseFactoryInterface
$settings  : array<string|int, mixed>
Contains the settings of the current extension
$streamFactory  : StreamFactoryInterface
$uriBuilder  : UriBuilder
$userRepository  : FrontendUserRepository
$validatorResolver  : ValidatorResolver
$view  : ViewInterface
The current view, as resolved by resolveView()

Methods

__construct()  : mixed
addFlashMessage()  : void
Creates a Message object and adds it to the FlashMessageQueue.
changePasswordAction()  : ResponseInterface
Change actual password. Hash $newPass and update the user with the corresponding $hash.
initializeControllerArgumentsBaseValidators()  : void
Collects the base validators which were defined for the data type of each controller argument and adds them to the argument's validator chain.
injectConfigurationManager()  : void
injectEventDispatcher()  : void
injectFileHandlingService()  : void
injectHashService()  : void
injectInternalExtensionService()  : void
injectInternalFlashMessageService()  : void
injectMvcPropertyMappingConfigurationService()  : void
injectPropertyMapper()  : void
injectReflectionService()  : void
injectResponseFactory()  : void
injectStreamFactory()  : void
injectValidatorResolver()  : void
injectViewFactory()  : void
processRequest()  : ResponseInterface
Handles an incoming request and returns a response object
recoveryAction()  : ResponseInterface
Shows the recovery form. If $userIdentifier is set, an email will be sent, if the corresponding user exists and has a valid email address set.
showChangePasswordAction()  : ResponseInterface
Show the change password form if a valid hash is available.
throwStatus()  : never
Sends the specified HTTP status immediately and only stops to run back through the middleware stack.
validateHashAndPasswords()  : mixed
Validates the hash argument, the entered password and passwordRepeat values. If one of the values is considered as invalid, a response object with validation errors in the mapping results is returned.
addBaseUriIfNecessary()  : string
Adds the base uri if not already in place.
addErrorFlashMessage()  : void
If an error occurred during this request, this adds a flash message describing the error to the flash message container.
callActionMethod()  : ResponseInterface
Calls the specified action method and passes the arguments.
errorAction()  : ResponseInterface
A special action which is called if the originally intended action could not be called, for example if the arguments were not valid.
exposeNoneExistentUser()  : bool
Returns whether the `exposeNonexistentUserInForgotPasswordDialog` setting is active or not
forwardToReferringRequest()  : ResponseInterface|null
If information on the request before the current request was sent, this method forwards back to the originating request. This effectively ends processing of the current request, so do not call this method before you have finished the necessary business logic!
getErrorFlashMessage()  : bool|string
A template method for displaying custom error flash messages, or to display no flash message at all on errors. Override this to customize the flash message in your action controller.
getFlashMessageQueue()  : FlashMessageQueue
todo: As soon as the incoming request contains the compiled plugin namespace, extbase will offer a trait to create a flash message identifier from the current request. Users then should inject the flash message service themselves if needed.
getFlattenedValidationErrorMessage()  : string
Returns a string with a basic error message about validation failure.
getPasswordPolicyValidator()  : PasswordPolicyValidator
getTranslation()  : string
Wrapper to mock LocalizationUtility::translate
handleArgumentMappingExceptions()  : void
This method processes exceptions that occur due to missing or not found targets or arguments during argument mapping. Based on configuration settings, either a "page not found" response is triggered or the original exception is propagated.
htmlResponse()  : ResponseInterface
Returns a response object with either the given html string or the current rendered view as content.
initializeAction()  : void
Initializes the controller before invoking an action method.
initializeActionMethodArguments()  : void
Implementation of the arguments initialization in the action controller: Automatically registers arguments of the current action
initializeActionMethodValidators()  : void
Adds the needed validators to the Arguments:
invalidateUserSessions()  : void
Invalidate all frontend user sessions by given user id
jsonResponse()  : ResponseInterface
Returns a response object with either the given json string or the current rendered view as content. Mainly to be used for actions / controllers using the JsonView.
mapRequestArgumentsToControllerArguments()  : void
Maps arguments delivered by the request object to the local controller arguments.
redirect()  : ResponseInterface
Redirects the request to another action and / or controller.
redirectToUri()  : ResponseInterface
Redirects the web request to another uri.
renderAssetsForRequest()  : void
Method which initializes assets that should be attached to the response for the given $request, which contains parameters that an override can use to determine which assets to add via PageRenderer.
resolveActionMethodName()  : string
Resolves and checks the current action method name
resolveView()  : ViewInterface
Prepares a view for the current action.
validateHashArgument()  : ResponseInterface|null
Validate the hash argument and make sure that:
validateHashFormat()  : bool
Validates that $hash is in the expected format (timestamp|forgot_hash)
validateNewPassword()  : void

Properties

$actionMethodName

Name of the action method

protected non-empty-string $actionMethodName = 'indexAction'
Internal

$defaultViewObjectName

The default view class to use. Keep this 'null' for default fluid view, or set to 'JsonView::class' or some inheriting class.

protected class-string|null $defaultViewObjectName = null

$errorMethodName

Name of the special error action method which is called in case of errors

protected string $errorMethodName = 'errorAction'

$eventDispatcher

protected EventDispatcherInterface $eventDispatcher

$responseFactory

protected ResponseFactoryInterface $responseFactory

$settings

Contains the settings of the current extension

protected array<string|int, mixed> $settings

$streamFactory

protected StreamFactoryInterface $streamFactory

Methods

addFlashMessage()

Creates a Message object and adds it to the FlashMessageQueue.

public addFlashMessage(string $messageBody[, string $messageTitle = '' ][, ContextualFeedbackSeverity $severity = ContextualFeedbackSeverity::OK ][, bool $storeInSession = true ]) : void
Parameters
$messageBody : string
$messageTitle : string = ''
$severity : ContextualFeedbackSeverity = ContextualFeedbackSeverity::OK
$storeInSession : bool = true
Tags
throws
InvalidArgumentException

if the message body is no string

see
FlashMessage

changePasswordAction()

Change actual password. Hash $newPass and update the user with the corresponding $hash.

public changePasswordAction(string $newPass, string $hash) : ResponseInterface
Parameters
$newPass : string
$hash : string
Tags
throws
AspectNotFoundException
throws
InvalidPasswordHashException
Return values
ResponseInterface

initializeControllerArgumentsBaseValidators()

Collects the base validators which were defined for the data type of each controller argument and adds them to the argument's validator chain.

public initializeControllerArgumentsBaseValidators() : void
Internal

injectEventDispatcher()

public injectEventDispatcher(EventDispatcherInterface $eventDispatcher) : void
Parameters
$eventDispatcher : EventDispatcherInterface

injectResponseFactory()

public final injectResponseFactory(ResponseFactoryInterface $responseFactory) : void
Parameters
$responseFactory : ResponseFactoryInterface

injectStreamFactory()

public final injectStreamFactory(StreamFactoryInterface $streamFactory) : void
Parameters
$streamFactory : StreamFactoryInterface

processRequest()

Handles an incoming request and returns a response object

public processRequest(RequestInterface $request) : ResponseInterface
Parameters
$request : RequestInterface

The request object

Internal
Return values
ResponseInterface

recoveryAction()

Shows the recovery form. If $userIdentifier is set, an email will be sent, if the corresponding user exists and has a valid email address set.

public recoveryAction([string|null $userIdentifier = null ]) : ResponseInterface
Parameters
$userIdentifier : string|null = null
Return values
ResponseInterface

showChangePasswordAction()

Show the change password form if a valid hash is available.

public showChangePasswordAction([string $hash = '' ]) : ResponseInterface
Parameters
$hash : string = ''
Return values
ResponseInterface

throwStatus()

Sends the specified HTTP status immediately and only stops to run back through the middleware stack.

public throwStatus(int $statusCode[, string $statusMessage = '' ][, string|null $content = null ]) : never

Note: If any other plugin or content or hook is used within a frontend request, this is skipped by design.

Parameters
$statusCode : int

The HTTP status code

$statusMessage : string = ''

A custom HTTP status message

$content : string|null = null

Body content which further explains the status

Tags
throws
PropagateResponseException
Return values
never

validateHashAndPasswords()

Validates the hash argument, the entered password and passwordRepeat values. If one of the values is considered as invalid, a response object with validation errors in the mapping results is returned.

public validateHashAndPasswords() : mixed
Tags
throws
NoSuchArgumentException

addBaseUriIfNecessary()

Adds the base uri if not already in place.

protected addBaseUriIfNecessary(string $uri) : string
Parameters
$uri : string
Internal
Return values
string

addErrorFlashMessage()

If an error occurred during this request, this adds a flash message describing the error to the flash message container.

protected addErrorFlashMessage() : void
Internal

callActionMethod()

Calls the specified action method and passes the arguments.

protected callActionMethod(RequestInterface $request) : ResponseInterface

If the action returns a string, it is appended to the content in the response object. If the action doesn't return anything and a valid view exists, the view is rendered automatically.

Parameters
$request : RequestInterface
Internal
Return values
ResponseInterface

errorAction()

A special action which is called if the originally intended action could not be called, for example if the arguments were not valid.

protected errorAction() : ResponseInterface

The default implementation sets a flash message, request errors and forwards back to the originating action. This is suitable for most actions dealing with form input.

We clear the page cache by default on an error as well, as we need to make sure the data is re-evaluated when the user changes something.

Return values
ResponseInterface

exposeNoneExistentUser()

Returns whether the `exposeNonexistentUserInForgotPasswordDialog` setting is active or not

protected exposeNoneExistentUser(array<string|int, mixed>|null $user) : bool
Parameters
$user : array<string|int, mixed>|null
Return values
bool

forwardToReferringRequest()

If information on the request before the current request was sent, this method forwards back to the originating request. This effectively ends processing of the current request, so do not call this method before you have finished the necessary business logic!

protected forwardToReferringRequest() : ResponseInterface|null
Internal
Return values
ResponseInterface|null

getErrorFlashMessage()

A template method for displaying custom error flash messages, or to display no flash message at all on errors. Override this to customize the flash message in your action controller.

protected getErrorFlashMessage() : bool|string

Returns either the flash message or "false" if no flash message should be set

Return values
bool|string

getFlashMessageQueue()

todo: As soon as the incoming request contains the compiled plugin namespace, extbase will offer a trait to create a flash message identifier from the current request. Users then should inject the flash message service themselves if needed.

protected getFlashMessageQueue([string|null $identifier = null ]) : FlashMessageQueue
Parameters
$identifier : string|null = null
Internal
Return values
FlashMessageQueue

getFlattenedValidationErrorMessage()

Returns a string with a basic error message about validation failure.

protected getFlattenedValidationErrorMessage() : string

We may add all validation error messages to a log file in the future, but for security reasons (@see #54074) we do not return these here.

Internal
Return values
string

getTranslation()

Wrapper to mock LocalizationUtility::translate

protected getTranslation(string $key) : string
Parameters
$key : string
Return values
string

handleArgumentMappingExceptions()

This method processes exceptions that occur due to missing or not found targets or arguments during argument mapping. Based on configuration settings, either a "page not found" response is triggered or the original exception is propagated.

protected handleArgumentMappingExceptions(Exception $exception) : void

Extension authors can override this function to implement additional/custom argument mapping exception handling

Parameters
$exception : Exception

htmlResponse()

Returns a response object with either the given html string or the current rendered view as content.

protected htmlResponse([string|null $html = null ]) : ResponseInterface
Parameters
$html : string|null = null
Return values
ResponseInterface

initializeAction()

Initializes the controller before invoking an action method.

protected initializeAction() : void

Override this method to solve tasks which all actions have in common.

initializeActionMethodArguments()

Implementation of the arguments initialization in the action controller: Automatically registers arguments of the current action

protected initializeActionMethodArguments() : void

Don't override this method - use initializeAction() instead.

Internal
Tags
throws
InvalidArgumentTypeException
see
initializeArguments()

initializeActionMethodValidators()

Adds the needed validators to the Arguments:

protected initializeActionMethodValidators() : void
  • Validators checking the data type from the param annotation
  • Custom validators specified with validate annotations.
  • Model-based validators (validate annotations in the model)
  • Custom model validator classes
Internal

invalidateUserSessions()

Invalidate all frontend user sessions by given user id

protected invalidateUserSessions(int $userId) : void
Parameters
$userId : int

jsonResponse()

Returns a response object with either the given json string or the current rendered view as content. Mainly to be used for actions / controllers using the JsonView.

protected jsonResponse([string|null $json = null ]) : ResponseInterface
Parameters
$json : string|null = null
Return values
ResponseInterface

mapRequestArgumentsToControllerArguments()

Maps arguments delivered by the request object to the local controller arguments.

protected mapRequestArgumentsToControllerArguments() : void
Internal

redirect()

Redirects the request to another action and / or controller.

protected redirect(string|null $actionName[, string|null $controllerName = null ][, string|null $extensionName = null ][, array<string|int, mixed>|null $arguments = null ][, int|null $pageUid = null ][, null $_ = null ][, int $statusCode = 303 ]) : ResponseInterface

Redirect will be sent to the client which then performs another request to the new URI.

Parameters
$actionName : string|null

Name of the action to forward to

$controllerName : string|null = null

Unqualified object name of the controller to forward to. If not specified, the current controller is used.

$extensionName : string|null = null

Name of the extension containing the controller to forward to. If not specified, the current extension is assumed.

$arguments : array<string|int, mixed>|null = null

Arguments to pass to the target action

$pageUid : int|null = null

Target page uid. If NULL, the current page uid is used

$_ : null = null

(optional) Unused

$statusCode : int = 303

(optional) The HTTP status code for the redirect. Default is "303 See Other

Return values
ResponseInterface

redirectToUri()

Redirects the web request to another uri.

protected redirectToUri(string|UriInterface $uri[, null $_ = null ][, int $statusCode = 303 ]) : ResponseInterface
Parameters
$uri : string|UriInterface

A string representation of a URI

$_ : null = null

(optional) Unused

$statusCode : int = 303

(optional) The HTTP status code for the redirect. Default is "303 See Other"

Return values
ResponseInterface

renderAssetsForRequest()

Method which initializes assets that should be attached to the response for the given $request, which contains parameters that an override can use to determine which assets to add via PageRenderer.

protected renderAssetsForRequest(RequestInterface $request) : void

This default implementation will attempt to render the sections "HeaderAssets" and "FooterAssets" from the template that is being rendered, inserting the rendered content into either page header or footer, as appropriate. Both sections are optional and can be used one or both in combination.

You can add assets with this method without worrying about duplicates, if for example you do this in a plugin that gets used multiple time on a page.

Parameters
$request : RequestInterface
Internal

resolveActionMethodName()

Resolves and checks the current action method name

protected resolveActionMethodName() : string
Internal
Tags
throws
NoSuchActionException

if the action specified in the request object does not exist (and if there's no default action either).

Return values
string

resolveView()

Prepares a view for the current action.

protected resolveView() : ViewInterface
Internal
Tags
todo

We may want to decide in extbase to go away from the automatic view preparation via processRequest() and this method for actions. We could very well postulate actions should take care of creating "their" view on their own using a ViewFactoryInterface implementation, similar to what is done with request creation already (which needs further work, too), and have a helper in this class to easily create a standard view. This would dissolve the ugly $this->defaultViewObjectName property, which is more a burden than helpful since controllers then need to have an initializeFooAction() just to set this property when different actions want different views. Also, it does not allow actions to have no view prepared at all, for instance when they just want to create a json response by json_encode()'ing stuff. We should look at this in v14, which renders property defaultViewObjectName even more useless.

Return values
ViewInterface

validateHashArgument()

Validate the hash argument and make sure that:

protected validateHashArgument() : ResponseInterface|null
  • it is in the expected format
  • it is not expired
  • a fe_user with the given hash exists

If one of the checks fail, a redirect response to the recoveryAction() is returned

Return values
ResponseInterface|null

validateHashFormat()

Validates that $hash is in the expected format (timestamp|forgot_hash)

protected validateHashFormat(string $hash) : bool
Parameters
$hash : string
Return values
bool

        
On this page

Search results