9f64161c1871b480c4b6d458e8820deed3349bda
[Packages/TYPO3.CMS.git] / typo3 / sysext / frontend / Classes / Middleware / BackendUserAuthenticator.php
1 <?php
2 declare(strict_types = 1);
3 namespace TYPO3\CMS\Frontend\Middleware;
4
5 /*
6 * This file is part of the TYPO3 CMS project.
7 *
8 * It is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License, either version 2
10 * of the License, or any later version.
11 *
12 * For the full copyright and license information, please read the
13 * LICENSE.txt file that was distributed with this source code.
14 *
15 * The TYPO3 project - inspiring people to share!
16 */
17
18 use Psr\Http\Message\ResponseInterface;
19 use Psr\Http\Message\ServerRequestInterface;
20 use Psr\Http\Server\MiddlewareInterface;
21 use Psr\Http\Server\RequestHandlerInterface;
22 use TYPO3\CMS\Backend\FrontendBackendUserAuthentication;
23 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
24 use TYPO3\CMS\Core\Core\Bootstrap;
25 use TYPO3\CMS\Core\Utility\GeneralUtility;
26
27 /**
28 * This middleware authenticates a Backend User (be_user) (pre)-viewing a frontend page.
29 *
30 * This middleware also ensures that $GLOBALS['LANG'] is available, however it is possible that
31 * a different middleware later-on might unset the BE_USER as he/she is not allowed to preview a certain
32 * page due to rights management. As this can only happen once the page ID is resolved, this will happen
33 * after the routing middleware.
34 *
35 * Currently, this middleware depends on the availability of $GLOBALS['TSFE'], however, this is solely
36 * due to backwards-compatibility and will be disabled in the future.
37 */
class BackendUserAuthenticator implements MiddlewareInterface
{
    /**
     * Resolves a possible backend user for the current frontend request and publishes the
     * result as $GLOBALS['BE_USER'] and $GLOBALS['TSFE']->beUserLogin.
     *
     * Sequence:
     *  1. The "preBeUser" hooks run on every request, before any backend authentication.
     *  2. The backend user is only initialized when the request carries the backend cookie.
     *  3. The "postBeUser" hooks receive $GLOBALS['BE_USER'] by reference.
     *  4. Backend-related bootstrapping runs if a backend user object is still set afterwards.
     *
     * @param ServerRequestInterface $request
     * @param RequestHandlerInterface $handler
     * @return ResponseInterface
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        // PRE BE_USER HOOK
        // The registered callables come from the installation's configuration and are executed
        // for every frontend request, whether or not a backend cookie is present.
        $preHooks = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'] ?? [];
        foreach ($preHooks as $hookReference) {
            $hookParameters = [];
            GeneralUtility::callUserFunction($hookReference, $hookParameters, $GLOBALS['TSFE']);
        }

        // Start from "not logged in"; the flag is only raised once a user record was resolved.
        $GLOBALS['TSFE']->beUserLogin = false;

        // The mere presence of the backend cookie is only the trigger for the lookup, not proof
        // of a login: the decision is taken inside initializeBackendUser().
        $cookies = $request->getCookieParams();
        $backendUser = null;
        if (isset($cookies[BackendUserAuthentication::getCookieName()])) {
            $backendUser = $this->initializeBackendUser();
        }

        // If the user is active now, let the controller know
        if ($backendUser instanceof FrontendBackendUserAuthentication && !empty($backendUser->user['uid'])) {
            $GLOBALS['TSFE']->beUserLogin = true;
        }

        $GLOBALS['BE_USER'] = $backendUser;

        // POST BE_USER HOOK
        // The hooks get $GLOBALS['BE_USER'] by reference and may therefore replace or unset it.
        // NOTE(review): beUserLogin was decided above and is not re-evaluated here, so it can
        // disagree with $GLOBALS['BE_USER'] after a hook changed it, unless the hook adjusts the
        // flag itself through the TSFE reference - confirm that consumers do not rely on the
        // flag alone.
        $postHookParameters = [
            'BE_USER' => &$GLOBALS['BE_USER']
        ];
        $postHooks = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'] ?? [];
        foreach ($postHooks as $hookReference) {
            GeneralUtility::callUserFunction($hookReference, $postHookParameters, $GLOBALS['TSFE']);
        }

        // Load specific dependencies which are necessary for a valid Backend User
        // like $GLOBALS['LANG'] for labels in the language of the BE User, the router, and
        // ext_tables.php for all modules, so things like Frontend Editing and Admin Panel can
        // use this for generating links to the TYPO3 Backend.
        // The global is checked (not the local variable) because the hooks above may have changed it.
        $hasBackendUser = $GLOBALS['BE_USER'] instanceof FrontendBackendUserAuthentication;
        if ($hasBackendUser) {
            Bootstrap::initializeLanguageObject();
            Bootstrap::initializeBackendRouter();
            Bootstrap::loadExtTables();
            // Initialize admin panel since simulation settings are required here
            $GLOBALS['BE_USER']->initializeAdminPanel();
        }

        return $handler->handle($request);
    }

    /**
     * Creates the backend user object and returns it, or null when no usable user remains.
     *
     * A user is discarded when checkBackendAccessSettingsFromInitPhp() reports a failure or
     * when no user uid was resolved.
     *
     * @return FrontendBackendUserAuthentication|null the backend user object or null if there was no valid user found
     */
    public function initializeBackendUser()
    {
        // New backend user object
        $candidate = GeneralUtility::makeInstance(FrontendBackendUserAuthentication::class);
        // NOTE(review): start() presumably resolves the session behind the cookie; its
        // implementation is not part of this file - confirm there.
        $candidate->start();
        $candidate->unpack_uc();

        // Group data is only fetched for a resolved user record.
        $userResolved = !empty($candidate->user['uid']);
        if ($userResolved) {
            $candidate->fetchGroupData();
        }

        // The access settings check is always executed, also when no user was resolved.
        // Unset the user initialization if any setting / restriction applies
        $accessAllowed = $candidate->checkBackendAccessSettingsFromInitPhp();
        if ($accessAllowed && !empty($candidate->user['uid'])) {
            return $candidate;
        }

        return null;
    }
}