(Have a look at the Authentication\TokenManager for an implementation example)
public authenticate(): void
Returns: void
/**
 * Authenticates the setup login and forwards to the requested setup step.
 *
 * On success the file configured under settings['initialPasswordFile'] is
 * deleted if it exists, then the request is redirected to Setup::index.
 * On AuthenticationRequiredException an error flash message is queued and
 * the request is redirected back to the login action with the same step.
 *
 * NOTE(review): the annotations below are read by the framework at runtime,
 * so they are kept verbatim. SkipCsrfProtection is presumably set because the
 * login request arrives before an authenticated session exists - confirm.
 *
 * @param integer $step The requested setup step
 * @return void
 * @Flow\SkipCsrfProtection
 */
public function authenticateAction($step)
{
    $stepArgument = ['step' => $step];

    try {
        $this->authenticationManager->authenticate();

        // Only reached when authenticate() did not throw: the initial password
        // file is no longer needed and should not stay on disk.
        $initialPasswordFile = $this->settings['initialPasswordFile'];
        if (file_exists($initialPasswordFile)) {
            unlink($initialPasswordFile);
        }

        $this->redirect('index', 'Setup', null, $stepArgument);
    } catch (\Neos\Flow\Security\Exception\AuthenticationRequiredException $authenticationFailure) {
        // The message is generic on purpose; it does not reveal why authentication failed.
        $this->addFlashMessage(
            'Sorry, you were not able to authenticate.',
            'Authentication error',
            Message::SEVERITY_ERROR
        );
        $this->redirect('login', null, null, $stepArgument);
    }
}
/**
 * Asks the authentication manager to authenticate all active tokens.
 *
 * When authentication succeeded, any request that was intercepted and stored
 * in the security context is taken out of the context (so it is consumed only
 * once) and handed to onAuthenticationSuccess(), whose result is returned.
 * The stored request may be null if nothing was intercepted.
 *
 * When authentication failed, onAuthenticationFailure() is called with the
 * caught AuthenticationRequiredException (or null if none was thrown) and the
 * result of the method named in $errorMethodName is returned.
 *
 * Note: Usually there is no need to override this action; implement the
 * callbacks onAuthenticationSuccess() and onAuthenticationFailure() instead.
 *
 * NOTE(review): the SkipCsrfProtection annotation is read by the framework at
 * runtime and is kept verbatim.
 *
 * @return string
 * @Flow\SkipCsrfProtection
 */
public function authenticateAction()
{
    $failure = null;
    try {
        $this->authenticationManager->authenticate();
    } catch (AuthenticationRequiredException $caught) {
        // Remember the failure; the decision is made from isAuthenticated() below.
        $failure = $caught;
    }

    if (!$this->authenticationManager->isAuthenticated()) {
        $this->onAuthenticationFailure($failure);
        return call_user_func([$this, $this->errorMethodName]);
    }

    $interceptedRequest = $this->securityContext->getInterceptedRequest();
    if ($interceptedRequest !== null) {
        // Clear the stored request so it cannot be picked up again later.
        $this->securityContext->setInterceptedRequest(null);
    }

    return $this->onAuthenticationSuccess($interceptedRequest);
}
/**
 * Sets up the environment for an account authentication and performs it.
 *
 * The testing provider is configured to report AUTHENTICATION_SUCCESSFUL for
 * the given account, so no credentials are checked here. The security context
 * is then cleared, bound to an action request routed from the active request
 * handler's HTTP request, and the authentication manager is run.
 *
 * NOTE(review): because the provider result is forced to "successful", this
 * helper is only appropriate where the testing provider is the configured
 * provider - confirm it is never wired into a production context.
 *
 * @param \Neos\Flow\Security\Account $account
 * @return void
 * @api
 */
protected function authenticateAccount(\Neos\Flow\Security\Account $account)
{
    $this->testingProvider->setAuthenticationStatus(
        \Neos\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL
    );
    $this->testingProvider->setAccount($account);

    // Start from an empty security context before binding it to the new request.
    $this->securityContext->clearContext();

    $httpRequest = self::$bootstrap->getActiveRequestHandler()->getHttpRequest();
    $this->securityContext->setRequest($this->route($httpRequest));

    $this->authenticationManager->authenticate();
}
/**
 * Invokes the security interception
 *
 * Runs authentication first, then asks the privilege manager whether the
 * method privilege for the intercepted join point is granted. Passing the
 * check is signalled by returning without an exception.
 *
 * NOTE(review): the body shown contains no return statement, so the
 * "@return boolean" below does not match what callers actually receive.
 *
 * @return boolean TRUE if the security checks was passed
 * @throws AccessDeniedException
 * @throws AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
 * @throws NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the privilege target, causing a redirect to the authentication entrypoint
 */
public function invoke()
{
    // $reason is handed to isGranted() and afterwards used in the exception
    // messages - presumably filled by reference; confirm against the privilege manager.
    $reason = '';
    $privilegeSubject = new MethodPrivilegeSubject($this->joinPoint);

    try {
        $this->authenticationManager->authenticate();
    } catch (EntityNotFoundException $exception) {
        // Re-thrown as "authentication required", keeping the original exception as the cause.
        throw new AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $exception);
    } catch (NoTokensAuthenticatedException $noTokensAuthenticatedException) {
        // We still need to check if the privilege is available to "Neos.Flow:Everybody".
        // If it is not, the original exception's message and code are kept and the decision reason is appended.
        if ($this->privilegeManager->isGranted(MethodPrivilegeInterface::class, $privilegeSubject, $reason) === false) {
            throw new NoTokensAuthenticatedException($noTokensAuthenticatedException->getMessage() . chr(10) . $reason, $noTokensAuthenticatedException->getCode());
        }
    }

    // This check runs on every path that has not thrown above, including the
    // "no tokens authenticated" path, so access is always decided by the
    // privilege manager and never by authentication alone.
    // NOTE(review): $reason ends up in the exception message; make sure such
    // messages are not rendered verbatim to unauthenticated clients.
    if ($this->privilegeManager->isGranted(MethodPrivilegeInterface::class, $privilegeSubject, $reason) === false) {
        throw new AccessDeniedException($this->renderDecisionReasonMessage($reason), 1222268609);
    }
}
/**
 * Invokes the authentication, if needed.
 *
 * Delegates to the authentication manager; any exception it throws
 * propagates to the caller unchanged.
 *
 * NOTE(review): the body shown contains no return statement, so the
 * "@return boolean" below does not match what callers actually receive.
 *
 * @return boolean TRUE if the security checks was passed
 */
public function invoke()
{
    $this->authenticationManager->authenticate();
}