TYPO3CMS  8
 All Classes Namespaces Files Functions Variables Pages
FrontendUserAuthentication Class Reference
Inheritance diagram for FrontendUserAuthentication:
AbstractUserAuthentication

Public Member Functions

 __construct ()
 
 start ()
 
 getNewSessionRecord ($tempuser)
 
 isSetSessionCookie ()
 
 isRefreshTimeBasedCookie ()
 
 getLoginFormData ()
 
 createUserSession ($tempuser)
 
 fetchGroupData ()
 
 getUserTSconf ()
 
 fetchSessionData ()
 
 storeSessionData ()
 
 removeSessionData ()
 
 logoff ()
 
 gc ()
 
 getKey ($type, $key)
 
 setKey ($type, $key, $data)
 
 getSessionData ($key)
 
 setAndSaveSessionData ($key, $data)
 
 record_registration ($recs, $maxSizeOfSessionData=0)
 
 isExistingSessionRecord ($id)
 
 hideActiveLogin ()
 
- Public Member Functions inherited from AbstractUserAuthentication
 __construct ()
 
 start ()
 
 isSetSessionCookie ()
 
 isRefreshTimeBasedCookie ()
 
 checkAuthentication ()
 
 createSessionId ()
 
 createUserSession ($tempuser)
 
 getNewSessionRecord ($tempuser)
 
 fetchUserSession ($skipSessionUpdate=false)
 
 logoff ()
 
 removeCookie ($cookieName)
 
 isExistingSessionRecord ($id)
 
 isCookieSet ()
 
 veriCode ()
 
 writeUC ($variable= '')
 
 unpack_uc ($theUC= '')
 
 pushModuleData ($module, $data, $noSave=0)
 
 getModuleData ($module, $type= '')
 
 getSessionData ($key)
 
 setAndSaveSessionData ($key, $data)
 
 getLoginFormData ()
 
 processLoginData ($loginData, $passwordTransmissionStrategy= '')
 
 getAuthInfoArray ()
 
 compareUident ($user, $loginData, $passwordCompareStrategy= '')
 
 gc ()
 
 writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)
 
 checkLogFailures ($email, $secondsBack, $maxFailures)
 
 setBeUserByUid ($uid)
 
 setBeUserByName ($name)
 
 getRawUserByUid ($uid)
 
 getRawUserByName ($name)
 
 fetchUserRecord ($dbUser, $username, $extraWhere= '')
 

Static Public Member Functions

static getCookieName ()
 

Public Attributes

 $formfield_permanent = 'permalogin'
 
 $sessionTimeout = 6000
 
 $usergroup_column = 'usergroup'
 
 $usergroup_table = 'fe_groups'
 
 $groupData
 
 $TSdataArray = []
 
 $userTS = []
 
 $userTSUpdated = false
 
 $sesData = []
 
 $sesData_change = false
 
 $userData_change = false
 
 $is_permanent = false
 
- Public Attributes inherited from AbstractUserAuthentication
 $session_table = ''
 
 $name = ''
 
 $get_name = ''
 
 $user_table = ''
 
 $usergroup_table = ''
 
 $username_column = ''
 
 $userident_column = ''
 
 $userid_column = ''
 
 $usergroup_column = ''
 
 $lastLogin_column = ''
 
 $enablecolumns
 
 $showHiddenRecords = false
 
 $formfield_uname = ''
 
 $formfield_uident = ''
 
 $formfield_status = ''
 
 $sessionTimeout = 0
 
 $auth_timeout_field = ''
 
 $lifetime = 0
 
 $gc_time = 0
 
 $gc_probability = 1
 
 $writeStdLog = false
 
 $writeAttemptLog = false
 
 $sendNoCacheHeaders = true
 
 $getFallBack = false
 
 $hash_length = 32
 
 $getMethodEnabled = false
 
 $lockIP = 4
 
 $lockHashKeyWords = 'useragent'
 
 $warningEmail = ''
 
 $warningPeriod = 3600
 
 $warningMax = 3
 
 $checkPid = true
 
 $checkPid_value = 0
 
 $id
 
 $loginFailure = false
 
 $loginSessionStarted = false
 
 $user = null
 
 $get_URL_ID = ''
 
 $newSessionID = false
 
 $forceSetCookie = false
 
 $dontSetCookie = false
 
 $loginType = ''
 
 $svConfig = []
 
 $writeDevLog = false
 
 $uc
 

Protected Member Functions

 regenerateSessionId ()
 
- Protected Member Functions inherited from AbstractUserAuthentication
 setSessionCookie ()
 
 getCookieDomain ()
 
 getCookie ($cookieName)
 
 regenerateSessionId ()
 
 fetchUserSessionFromDB ()
 
 userConstraints ()
 
 user_where_clause ()
 
 ipLockClause ()
 
 ipLockClause_remoteIPNumber ($parts)
 
 hashLockClause ()
 
 hashLockClause_getHashInt ()
 

Protected Attributes

 $sessionDataLifetime = 86400
 
 $sessionDataTimestamp = null
 
 $loginHidden = false
 
- Protected Attributes inherited from AbstractUserAuthentication
 $cookieWasSetOnCurrentRequest = false
 

Detailed Description

Extension class for Front End User Authentication.

Definition at line 25 of file FrontendUserAuthentication.php.

Constructor & Destructor Documentation

__construct ( )

Default constructor.

Definition at line 128 of file FrontendUserAuthentication.php.

References $GLOBALS.

Member Function Documentation

createUserSession (   $tempuser)

Creates a user session record and returns its values. However, as the FE user cookie is normally not set, this has to be done before the parent class is doing the rest.

Parameters
array$tempuserUser data array
Returns
array The session data for the newly created session.

Definition at line 272 of file FrontendUserAuthentication.php.

fetchGroupData ( )

Will select all fe_groups records that the current fe_user is member of and which groups are also allowed in the current domain. It also accumulates the TSconfig for the fe_user/fe_groups in ->TSdataArray

Returns
int Returns the number of usergroups for the frontend users (if the internal user record exists and the usergroup field contains a value)

Definition at line 288 of file FrontendUserAuthentication.php.

References $GLOBALS, FrontendUserAuthentication\$groupData, AbstractUserAuthentication\$loginType, GeneralUtility\arrayToLogString(), GeneralUtility\devLog(), AbstractUserAuthentication\getAuthInfoArray(), and GeneralUtility\makeInstanceService().

fetchSessionData ( )

Fetches the session data for the user (from the fe_session_data table) based on the ->id of the current user-session. The session data is restored to $this->sesData 1/100 calls will also do a garbage collection.

Returns
void private
See also
storeSessionData()

Definition at line 406 of file FrontendUserAuthentication.php.

References GeneralUtility\makeInstance().

gc ( )

Executes the garbage collection of session data and session. The lifetime of session data is defined by $TYPO3_CONF_VARS['FE']['sessionDataLifetime'].

Returns
void

Definition at line 528 of file FrontendUserAuthentication.php.

References $GLOBALS, and GeneralUtility\makeInstance().

static getCookieName ( )
static

Returns the configured cookie name

Returns
string

Definition at line 167 of file FrontendUserAuthentication.php.

References $GLOBALS.

Referenced by TypoScriptFrontendController\initFEuser().

getKey (   $type,
  $key 
)

Returns session data for the fe_user; Either persistent data following the fe_users uid/profile (requires login) or current-session based (not available when browse is closed, but does not require login)

Parameters
string$typeSession data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string$keyKey from the data array to return; The session data (in either case) is an array ($this->uc / $this->sesData) and this value determines which key to return the value for.
Returns
mixed Returns whatever value there was in the array for the key, $key
See also
setKey()

Definition at line 552 of file FrontendUserAuthentication.php.

Referenced by FrontendUserAuthentication\getSessionData(), and FrontendUserAuthentication\record_registration().

getLoginFormData ( )

Returns an info array with Login/Logout data submitted by a form or params

Returns
array
See also
AbstractUserAuthentication::getLoginFormData()

Definition at line 237 of file FrontendUserAuthentication.php.

References $GLOBALS, GeneralUtility\_GP(), and GeneralUtility\_POST().

getNewSessionRecord (   $tempuser)

Returns a new session record for the current user for insertion into the DB.

Parameters
array$tempuser
Returns
array User session record

Definition at line 201 of file FrontendUserAuthentication.php.

getSessionData (   $key)

Returns the session data stored for $key. The data will last only for this login session since it is stored in the session table.

Parameters
string$key
Returns
mixed

Definition at line 615 of file FrontendUserAuthentication.php.

References FrontendUserAuthentication\getKey().

getUserTSconf ( )

Returns the parsed TSconfig for the fe_user The TSconfig will be cached in $this->userTS.

Returns
array TSconfig array for the fe_user

Definition at line 378 of file FrontendUserAuthentication.php.

References FrontendUserAuthentication\$userTS, TypoScriptParser\checkIncludeLines_array(), and GeneralUtility\makeInstance().

hideActiveLogin ( )

Hide the current login

This is used by the fe_login_mode feature for pages. A current login is unset, but we remember that there has been one.

Returns
void

Definition at line 704 of file FrontendUserAuthentication.php.

isExistingSessionRecord (   $id)

Determine whether there's an according session record to a given session_id in the database. Don't care if session record is still valid or not.

This calls the parent function but additionally tries to look up the session ID in the "fe_session_data" table.

Parameters
int$idClaimed Session ID
Returns
bool Returns TRUE if a corresponding session was found in the database

Definition at line 678 of file FrontendUserAuthentication.php.

References AbstractUserAuthentication\$id, and GeneralUtility\makeInstance().

Referenced by FrontendUserAuthentication\logoff().

isRefreshTimeBasedCookie ( )

Determine whether a non-session cookie needs to be set (lifetime>0)

Returns
bool

Definition at line 226 of file FrontendUserAuthentication.php.

isSetSessionCookie ( )

Determine whether a session cookie needs to be set (lifetime=0)

Returns
bool

Definition at line 214 of file FrontendUserAuthentication.php.

logoff ( )

Log out current user! Removes the current session record, sets the internal ->user array to a blank string Thereby the current user (if any) is effectively logged out! Additionally the cookie is removed

Returns
void

Definition at line 493 of file FrontendUserAuthentication.php.

References AbstractUserAuthentication\isCookieSet(), FrontendUserAuthentication\isExistingSessionRecord(), and AbstractUserAuthentication\removeCookie().

record_registration (   $recs,
  $maxSizeOfSessionData = 0 
)

Registration of records/"shopping basket" in session data This will take the input array, $recs, and merge into the current "recs" array found in the session data. If a change in the recs storage happens (which it probably does) the function setKey() is called in order to store the array again.

Parameters
array$recsThe data array to merge into/override the current recs values. The $recs array is constructed as [table]][uid] = scalar-value (eg. string/integer).
int$maxSizeOfSessionDataThe maximum size of stored session data. If zero, no limit is applied and even confirmation of cookie session is discarded.
Returns
void

Definition at line 642 of file FrontendUserAuthentication.php.

References FrontendUserAuthentication\getKey(), AbstractUserAuthentication\isCookieSet(), and FrontendUserAuthentication\setKey().

regenerateSessionId ( )
protected

Regenerate the id, take separate session data table into account and set cookie again

Definition at line 506 of file FrontendUserAuthentication.php.

References AbstractUserAuthentication\$id, and GeneralUtility\makeInstance().

removeSessionData ( )

Removes data of the current session.

Returns
void

Definition at line 476 of file FrontendUserAuthentication.php.

References GeneralUtility\makeInstance().

Referenced by FrontendUserAuthentication\storeSessionData().

setAndSaveSessionData (   $key,
  $data 
)

Saves the tokens so that they can be used by a later incarnation of this class.

Parameters
string$key
mixed$data
Returns
void

Definition at line 627 of file FrontendUserAuthentication.php.

References FrontendUserAuthentication\setKey(), and FrontendUserAuthentication\storeSessionData().

setKey (   $type,
  $key,
  $data 
)

Saves session data, either persistent or bound to current session cookie. Please see getKey() for more details. When a value is set the flags $this->userData_change or $this->sesData_change will be set so that the final call to ->storeSessionData() will know if a change has occurred and needs to be saved to the database. Notice: The key "recs" is already used by the function record_registration() which stores table/uid=value pairs in that key. This is used for the shopping basket among other things. Notice: Simply calling this function will not save the data to the database! The actual saving is done in storeSessionData() which is called as some of the last things in . So if you exit before this point, nothing gets saved of course! And the solution is to call $GLOBALS['TSFE']->storeSessionData(); before you exit.

Parameters
string$typeSession data type; Either "user" (persistent, bound to fe_users profile) or "ses" (temporary, bound to current session cookie)
string$keyKey from the data array to store incoming data in; The session data (in either case) is an array ($this->uc / $this->sesData) and this value determines in which key the $data value will be stored.
mixed$dataThe data value to store in $key
Returns
void
See also
setKey(), storeSessionData(), record_registration()

Definition at line 581 of file FrontendUserAuthentication.php.

Referenced by FrontendUserAuthentication\record_registration(), and FrontendUserAuthentication\setAndSaveSessionData().

start ( )

Starts a user session

Returns
void
See also
AbstractUserAuthentication::start()

Definition at line 182 of file FrontendUserAuthentication.php.

References $GLOBALS, and AbstractUserAuthentication\$lifetime.

storeSessionData ( )

Will write UC and session data. If the flag $this->userData_change has been set, the function ->writeUC is called (which will save persistent user session data) If the flag $this->sesData_change has been set, the fe_session_data table is updated with the content of $this->sesData If the $this->sessionDataTimestamp is NULL there was no session record yet, so we need to insert it into the database

Returns
void
See also
fetchSessionData(), getKey(), setKey()

Definition at line 432 of file FrontendUserAuthentication.php.

References $GLOBALS, AbstractUserAuthentication\$id, AbstractUserAuthentication\isCookieSet(), GeneralUtility\makeInstance(), AbstractUserAuthentication\removeCookie(), FrontendUserAuthentication\removeSessionData(), AbstractUserAuthentication\setSessionCookie(), and AbstractUserAuthentication\writeUC().

Referenced by FrontendUserAuthentication\setAndSaveSessionData().

Member Data Documentation

$formfield_permanent = 'permalogin'

Definition at line 33 of file FrontendUserAuthentication.php.

$groupData
Initial value:
= [
'title' => []

Definition at line 64 of file FrontendUserAuthentication.php.

Referenced by FrontendUserAuthentication\fetchGroupData().

$is_permanent = false

Definition at line 113 of file FrontendUserAuthentication.php.

$loginHidden = false
protected

Definition at line 123 of file FrontendUserAuthentication.php.

$sesData = []

Definition at line 98 of file FrontendUserAuthentication.php.

$sesData_change = false

Definition at line 103 of file FrontendUserAuthentication.php.

$sessionDataLifetime = 86400
protected

Definition at line 39 of file FrontendUserAuthentication.php.

$sessionDataTimestamp = null
protected

Definition at line 118 of file FrontendUserAuthentication.php.

$sessionTimeout = 6000

Definition at line 49 of file FrontendUserAuthentication.php.

$TSdataArray = []

Definition at line 74 of file FrontendUserAuthentication.php.

$userData_change = false

Definition at line 108 of file FrontendUserAuthentication.php.

$usergroup_column = 'usergroup'

Definition at line 54 of file FrontendUserAuthentication.php.

$usergroup_table = 'fe_groups'

Definition at line 59 of file FrontendUserAuthentication.php.

$userTS = []
$userTSUpdated = false

Definition at line 84 of file FrontendUserAuthentication.php.