[!!!][TASK] Move Frontend User session saving into Middleware 39/60939/5
authorBenni Mack <benni@typo3.org>
Wed, 12 Jun 2019 05:14:32 +0000 (07:14 +0200)
committerAndreas Fernandez <a.fernandez@scripting-base.de>
Thu, 13 Jun 2019 09:29:33 +0000 (11:29 +0200)
For further TSFE-related changes, the frontend request
workflow now stores user-/session-related information
in the middleware.

This is a first step in order to reduce the dependencies
of TSFE + FrontendUserAuthentication.

This patch is breaking as certain hooks (like EOFE)
do not have session data stored anymore.

Related: #88540
Resolves: #88541
Releases: master
Change-Id: I1e9a66b759d6edfd4c0e5a8ede02aa7a73b65b0f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60939
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
typo3/sysext/core/Documentation/Changelog/master/Breaking-88540-ChangedRequestWorkflowForFrontendRequests.rst [new file with mode: 0644]

diff --git a/typo3/sysext/core/Documentation/Changelog/master/Breaking-88540-ChangedRequestWorkflowForFrontendRequests.rst b/typo3/sysext/core/Documentation/Changelog/master/Breaking-88540-ChangedRequestWorkflowForFrontendRequests.rst
new file mode 100644 (file)
index 0000000..d655d45
--- /dev/null
@@ -0,0 +1,60 @@
+.. include:: ../../Includes.txt
+Breaking: #88540 - Changed Request Workflow for Frontend Requests
+See :issue:`88540`
+The "Frontend Request Workflow" is the PHP code responsible for
+setting up various functionality. This includes Login/Permission Check, resolving
+the current site + language, and checking the page + rootline, then
+parsing TypoScript, which will then lead to building content (or taken from
+cache), until the actual output.
+Since TYPO3 v9, this is all built via PSR-15 middlewares, the PSR-15 Request Handler,
+and the global TypoScriptFrontendController (TSFE).
+For TYPO3 v10.0, various changes were made in order to separate concerns / logic
+from each other, allowing to easily exchange certain components with
+other / extended functionality.
+The following changes have been made:
+- Storing session data from a Frontend User Session / Anonymous session is now
+triggered within the Frontend User ("frontend-user-authenticator") Middleware,
+at a later point. Before this was part of the RequestHandler logic after content
+was put together. This was due to legacy reasons of the previous hook execution order.
+Hooks that depend on certain functionality being made before or after a hook is
+called will likely have a different behavior when:
+- A Frontend Session is used within Hooks.
+Anything related to regular plugins / content / TypoScript is not affected.
+Affected Installations
+Any hooks from third party extensions that run
+- :php:`$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_eofe']`
+and depend on the frontend session data being written.
+Consider using a PSR-15 middleware instead of using a hook, or explicitly
+call "storeSessionData" within the PHP hook if necessary.
+.. index:: Frontend, PHP-API, NotScanned
index 8ecf451..4b02d58 100644 (file)
@@ -151,8 +151,6 @@ class RequestHandler implements RequestHandlerInterface
-        // Store session data for fe_users
-        $controller->fe_user->storeSessionData();
         // Hook for "end-of-frontend"
         $_params = ['pObj' => &$controller];
index 15293ab..a8e332c 100644 (file)
@@ -65,7 +65,14 @@ class FrontendUserAuthenticator implements MiddlewareInterface
         // Register the frontend user as aspect
         $this->setFrontendUserAspect(GeneralUtility::makeInstance(Context::class), $frontendUser);
-        return $handler->handle($request);
+        $response = $handler->handle($request);
+        // Store session data for fe_users if it still exists
+        if ($frontendUser instanceof FrontendUserAuthentication) {
+            $frontendUser->storeSessionData();
+        }
+        return $response;