[TASK] Add LoginType enumeration
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / Authentication / AuthenticationService.php
index 2eadf12..4b94f58 100644 (file)
@@ -49,13 +49,13 @@ class AuthenticationService extends AbstractAuthenticationService
      */
     public function getUser()
     {
-        if ($this->login['status'] !== 'login') {
+        if ($this->login['status'] !== LoginType::LOGIN) {
             return false;
         }
         if ((string)$this->login['uident_text'] === '') {
             // Failed Login attempt (no password given)
-            $this->writelog(255, 3, 3, 2, 'Login-attempt from %s (%s) for username \'%s\' with an empty password!', [
-                $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']
+            $this->writelog(255, 3, 3, 2, 'Login-attempt from ###IP### (%s) for username \'%s\' with an empty password!', [
+                $this->authInfo['REMOTE_HOST'], $this->login['uname']
             ]);
             $this->logger->warning(sprintf('Login-attempt from %s (%s), for username \'%s\' with an empty password!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
             return false;
@@ -64,12 +64,16 @@ class AuthenticationService extends AbstractAuthenticationService
         $user = $this->fetchUserRecord($this->login['uname']);
         if (!is_array($user)) {
             // Failed login attempt (no username found)
-            $this->writelog(255, 3, 3, 2, 'Login-attempt from %s (%s), username \'%s\' not found!!', [$this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']]);
-            $this->logger->warning(sprintf('Login-attempt from %s (%s), username \'%s\' not found!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
+            $this->writelog(255, 3, 3, 2, 'Login-attempt from ###IP### (%s), username \'%s\' not found!!', [$this->authInfo['REMOTE_HOST'], $this->login['uname']]);
+            $this->logger->info('Login-attempt from username \'' . $this->login['uname'] . '\' not found!', [
+                'REMOTE_ADDR' => $this->authInfo['REMOTE_ADDR'],
+                'REMOTE_HOST' => $this->authInfo['REMOTE_HOST'],
+            ]);
         } else {
-            if ($this->writeDevLog) {
-                GeneralUtility::devLog('User found: ' . GeneralUtility::arrayToLogString($user, [$this->db_user['userid_column'], $this->db_user['username_column']]), self::class);
-            }
+            $this->logger->debug('User found', [
+                $this->db_user['userid_column'] => $user[$this->db_user['userid_column']],
+                $this->db_user['username_column'] => $user[$this->db_user['username_column']]
+            ]);
         }
         return $user;
     }
@@ -98,19 +102,25 @@ class AuthenticationService extends AbstractAuthenticationService
             if (!$OK) {
                 // Failed login attempt (wrong password) - write that to the log!
                 if ($this->writeAttemptLog) {
-                    $this->writelog(255, 3, 3, 1, 'Login-attempt from %s (%s), username \'%s\', password not accepted!', [$this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']]);
-                    $this->logger->warning(sprintf('Login-attempt from %s (%s), username \'%s\', password not accepted!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
-                }
-                if ($this->writeDevLog) {
-                    GeneralUtility::devLog('Password not accepted: ' . $this->login['uident'], self::class, 2);
+                    $this->writelog(255, 3, 3, 1, 'Login-attempt from ###IP### (%s), username \'%s\', password not accepted!', [$this->authInfo['REMOTE_HOST'], $this->login['uname']]);
+                    $this->logger->info('Login-attempt username \'' . $this->login['uname'] . '\', password not accepted!', [
+                        'REMOTE_ADDR' => $this->authInfo['REMOTE_ADDR'],
+                        'REMOTE_HOST' => $this->authInfo['REMOTE_HOST'],
+                    ]);
                 }
+                $this->logger->debug('Password not accepted: ' . $this->login['uident']);
             }
             // Checking the domain (lockToDomain)
             if ($OK && $user['lockToDomain'] && $user['lockToDomain'] !== $this->authInfo['HTTP_HOST']) {
                 // Lock domain didn't match, so error:
                 if ($this->writeAttemptLog) {
-                    $this->writelog(255, 3, 3, 1, 'Login-attempt from %s (%s), username \'%s\', locked domain \'%s\' did not match \'%s\'!', [$this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']]);
-                    $this->logger->warning(sprintf('Login-attempt from %s (%s), username \'%s\', locked domain \'%s\' did not match \'%s\'!', $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']));
+                    $this->writelog(255, 3, 3, 1, 'Login-attempt from ###IP### (%s), username \'%s\', locked domain \'%s\' did not match \'%s\'!', [$this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']]);
+                    $this->logger->info('Login-attempt from username \'' . $user[$this->db_user['username_column']] . '\', locked domain did not match!', [
+                        'HTTP_HOST' => $this->authInfo['HTTP_HOST'],
+                        'REMOTE_ADDR' => $this->authInfo['REMOTE_ADDR'],
+                        'REMOTE_HOST' => $this->authInfo['REMOTE_HOST'],
+                        'lockToDomain' => $user['lockToDomain'],
+                    ]);
                 }
                 $OK = 0;
             }
@@ -135,24 +145,20 @@ class AuthenticationService extends AbstractAuthenticationService
         $groupDataArr = [];
         if ($this->mode === 'getGroupsFE') {
             $groups = [];
-            if (is_array($user) && $user[$this->db_user['usergroup_column']]) {
+            if ($user[$this->db_user['usergroup_column']] ?? false) {
                 $groupList = $user[$this->db_user['usergroup_column']];
                 $groups = [];
                 $this->getSubGroups($groupList, '', $groups);
             }
             // ADD group-numbers if the IPmask matches.
-            if (is_array($GLOBALS['TYPO3_CONF_VARS']['FE']['IPmaskMountGroups'])) {
-                foreach ($GLOBALS['TYPO3_CONF_VARS']['FE']['IPmaskMountGroups'] as $IPel) {
-                    if ($this->authInfo['REMOTE_ADDR'] && $IPel[0] && GeneralUtility::cmpIP($this->authInfo['REMOTE_ADDR'], $IPel[0])) {
-                        $groups[] = (int)$IPel[1];
-                    }
+            foreach ($GLOBALS['TYPO3_CONF_VARS']['FE']['IPmaskMountGroups'] ?? [] as $IPel) {
+                if ($this->authInfo['REMOTE_ADDR'] && $IPel[0] && GeneralUtility::cmpIP($this->authInfo['REMOTE_ADDR'], $IPel[0])) {
+                    $groups[] = (int)$IPel[1];
                 }
             }
             $groups = array_unique($groups);
             if (!empty($groups)) {
-                if ($this->writeDevLog) {
-                    GeneralUtility::devLog('Get usergroups with id: ' . implode(',', $groups), __CLASS__);
-                }
+                $this->logger->debug('Get usergroups with id: ' . implode(',', $groups));
                 $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
                     ->getQueryBuilderForTable($this->db_groups['table']);
                 if (!empty($this->authInfo['showHiddenRecords'])) {
@@ -184,9 +190,7 @@ class AuthenticationService extends AbstractAuthenticationService
                     $groupDataArr[$row['uid']] = $row;
                 }
             } else {
-                if ($this->writeDevLog) {
-                    GeneralUtility::devLog('No usergroups found.', self::class, 2);
-                }
+                $this->logger->debug('No usergroups found.');
             }
         }
         return $groupDataArr;