0979dfcdbdea2a55091ab9e05f8d5680553e582b
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / Controller / LogoutController.php
1 <?php
2 namespace TYPO3\CMS\Backend\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
20 use TYPO3\CMS\Core\Utility\GeneralUtility;
21
22 /**
23 * Script Class for logging a user out.
24 * Does not display any content, just calls the logout-function for the current user and then makes a redirect.
25 */
26 class LogoutController
27 {
28 /**
29 * Injects the request object for the current request or subrequest
30 * As this controller goes only through the main() method, it is rather simple for now
31 * This will be split up in an abstract controller once proper routing/dispatcher is in place.
32 *
33 * @param ServerRequestInterface $request the current request
34 * @param ResponseInterface $response
35 * @return ResponseInterface the response with the content
36 */
37 public function logoutAction(ServerRequestInterface $request, ResponseInterface $response)
38 {
39 $this->logout();
40
41 $redirectUrl = $request->getParsedBody()['redirect'] ?? $request->getQueryParams()['redirect'];
42 $redirectUrl = GeneralUtility::sanitizeLocalUrl($redirectUrl);
43 if (empty($redirectUrl)) {
44 /** @var \TYPO3\CMS\Backend\Routing\UriBuilder $uriBuilder */
45 $uriBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Routing\UriBuilder::class);
46 $redirectUrl = (string)$uriBuilder->buildUriFromRoute('login', [], $uriBuilder::ABSOLUTE_URL);
47 }
48 return $response
49 ->withStatus(303)
50 ->withHeader('Location', GeneralUtility::locationHeaderUrl($redirectUrl));
51 }
52
53 /**
54 * Performs the logout processing
55 */
56 public function logout()
57 {
58 if (empty($this->getBackendUser()->user['username'])) {
59 return;
60 }
61 // Logout written to log
62 $this->getBackendUser()->writelog(255, 2, 0, 1, 'User %s logged out from TYPO3 Backend', [$this->getBackendUser()->user['username']]);
63 /** @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection $backendFormProtection */
64 $backendFormProtection = FormProtectionFactory::get();
65 $backendFormProtection->removeSessionTokenFromRegistry();
66 $this->getBackendUser()->logoff();
67 }
68
69 /**
70 * Returns the current BE user.
71 *
72 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
73 */
74 protected function getBackendUser()
75 {
76 return $GLOBALS['BE_USER'];
77 }
78 }