b4fe92507f4b84f97f77c661e7e9912c6a384e8a
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / Controller / LogoutController.php
1 <?php
2 namespace TYPO3\CMS\Backend\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Routing\UriBuilder;
20 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
21 use TYPO3\CMS\Core\Http\RedirectResponse;
22 use TYPO3\CMS\Core\Utility\GeneralUtility;
23
24 /**
25 * Script Class for logging a user out.
26 * Does not display any content, just calls the logout-function for the current user and then makes a redirect.
27 */
28 class LogoutController
29 {
30 /**
31 * Injects the request object for the current request or subrequest
32 * As this controller goes only through the main() method, it is rather simple for now
33 * This will be split up in an abstract controller once proper routing/dispatcher is in place.
34 *
35 * @param ServerRequestInterface $request the current request
36 * @return ResponseInterface the response with the content
37 */
38 public function logoutAction(ServerRequestInterface $request): ResponseInterface
39 {
40 $this->logout();
41
42 $redirectUrl = $request->getParsedBody()['redirect'] ?? $request->getQueryParams()['redirect'];
43 $redirectUrl = GeneralUtility::sanitizeLocalUrl($redirectUrl);
44 if (empty($redirectUrl)) {
45 $uriBuilder = GeneralUtility::makeInstance(UriBuilder::class);
46 $redirectUrl = (string)$uriBuilder->buildUriFromRoute('login', [], $uriBuilder::ABSOLUTE_URL);
47 }
48 return new RedirectResponse(GeneralUtility::locationHeaderUrl($redirectUrl), 303);
49 }
50
51 /**
52 * Performs the logout processing
53 */
54 public function logout()
55 {
56 if (empty($this->getBackendUser()->user['username'])) {
57 return;
58 }
59 // Logout written to log
60 $this->getBackendUser()->writelog(255, 2, 0, 1, 'User %s logged out from TYPO3 Backend', [$this->getBackendUser()->user['username']]);
61 /** @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection $backendFormProtection */
62 $backendFormProtection = FormProtectionFactory::get();
63 $backendFormProtection->removeSessionTokenFromRegistry();
64 $this->getBackendUser()->logoff();
65 }
66
67 /**
68 * Returns the current BE user.
69 *
70 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
71 */
72 protected function getBackendUser()
73 {
74 return $GLOBALS['BE_USER'];
75 }
76 }