/**
 * Logs the current user out and sends them back to the login screen.
 *
 * Steps, in order: clearContext() on the security context obtained from the
 * authentication manager, logout() on the authentication manager, a flash
 * message is queued, and the request is redirected to the "index" action of
 * the "Login" controller.
 *
 * NOTE(review): the security context is cleared before logout() is called.
 * If logout() works on the tokens held by that context, clearing first may
 * leave it nothing to reset - confirm against the authentication manager.
 *
 * @return void
 * @author Andreas Förthner <*****@*****.**>
 */
public function logoutAction()
{
    $this->authenticationManager->getSecurityContext()->clearContext();
    $this->authenticationManager->logout();

    $this->flashMessageContainer->addMessage(
        new \TYPO3\FLOW3\Error\Message('Successfully logged out.')
    );

    $this->redirect('index', 'Login');
}
/**
 * Decides whether a request must be rejected for a missing or invalid CSRF token.
 *
 * The pattern only applies when somebody is authenticated and the targeted
 * controller action has a policy entry and is not tagged "skipcsrfprotection".
 * For such an action the request "matches" (TRUE) when the internal argument
 * "__csrfToken" is absent or the security context reports the token as invalid.
 *
 * @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request that should be matched
 * @return boolean TRUE if the token is missing or invalid for a protected action, FALSE otherwise
 * @throws \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException if the security context holds no CSRF tokens at all
 */
public function matchRequest(\TYPO3\FLOW3\Mvc\RequestInterface $request)
{
    // Unauthenticated requests are never matched by this pattern.
    if ($this->authenticationManager->isAuthenticated() === FALSE) {
        return FALSE;
    }

    $targetClass = $this->objectManager->getClassNameByObjectName($request->getControllerObjectName());
    $targetMethod = $request->getControllerActionName() . 'Action';

    // Actions without a policy entry, or explicitly opted out via the
    // "skipcsrfprotection" tag, are not subject to the token check.
    if (!$this->policyService->hasPolicyEntryForMethod($targetClass, $targetMethod)
        || $this->reflectionService->isMethodTaggedWith($targetClass, $targetMethod, 'skipcsrfprotection')) {
        return FALSE;
    }

    $arguments = $request->getInternalArguments();
    if (!isset($arguments['__csrfToken'])) {
        // Protected action called without any token.
        return TRUE;
    }

    // An empty token store is reported as "authentication required" rather
    // than as a CSRF failure (the message suggests a session timeout).
    if (!$this->securityContext->hasCsrfProtectionTokens()) {
        throw new \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException('No tokens in security context, possible session timeout', 1317309673);
    }

    // NOTE(review): the token value comes straight from the request and its
    // type is not checked here - confirm isCsrfProtectionTokenValid() copes
    // with non-string input.
    return $this->securityContext->isCsrfProtectionTokenValid($arguments['__csrfToken']) === FALSE;
}
/**
 * Shows the specified node in wireframe mode, honouring access and visibility
 * restrictions.
 *
 * An inaccessible node first triggers an authentication attempt. If the node
 * is still inaccessible and the context does not show inaccessible content,
 * the request ends with status 403; an invisible node in a context that does
 * not show invisible content ends with status 404.
 *
 * @param \TYPO3\TYPO3CR\Domain\Model\NodeInterface $node
 * @return string View output for the specified node (NOTE(review): there is no explicit return statement here; presumably the framework renders the view - confirm)
 */
public function showWireframeAction(\TYPO3\TYPO3CR\Domain\Model\NodeInterface $node)
{
    if (!$node->isAccessible()) {
        try {
            $this->authenticationManager->authenticate();
        } catch (\Exception $exception) {
            // Deliberately ignored: a failed authentication attempt leaves the
            // node inaccessible, which the 403 check below then handles.
        }
    }
    // Re-evaluated after the authentication attempt above.
    if (!$node->isAccessible() && !$this->nodeRepository->getContext()->isInaccessibleContentShown()) {
        $this->throwStatus(403);
    }
    if (!$node->isVisible() && !$this->nodeRepository->getContext()->isInvisibleContentShown()) {
        $this->throwStatus(404);
    }
    // Shortcut nodes are additionally exposed to the view as "wireframeMode".
    if ($node->getContentType() === 'TYPO3.Phoenix.ContentTypes:Shortcut') {
        $this->view->assign('wireframeMode', $node);
    }

    $this->nodeRepository->getContext()->setCurrentNode($node);
    $this->view->assign('value', $node);

    $this->view->setTypoScriptPath('wireframeMode');
    // NOTE(review): this header is set on every response that reaches this
    // point, including nodes that only became accessible after authenticate()
    // or that are shown because the context displays inaccessible content.
    // "public, s-maxage=600" permits shared caches to store the response -
    // confirm access-restricted output cannot be cached and served to others.
    $this->response->setHeader('Cache-Control', 'public, s-maxage=600', FALSE);
}
/**
 * Sets up the security context for the given account and runs authentication.
 *
 * The testing provider is primed with AUTHENTICATION_SUCCESSFUL and the
 * account, the security context is cleared, an action request built from the
 * active request handler's HTTP request is injected into it, and
 * authenticate() is called on the authentication manager.
 *
 * NOTE(review): the provider is told the authentication succeeded without any
 * credential check; presumably this helper belongs to a test base class -
 * confirm it is never reachable from production code paths.
 *
 * @param \TYPO3\FLOW3\Security\Account $account
 * @return void
 * @api
 */
protected function authenticateAccount(\TYPO3\FLOW3\Security\Account $account)
{
    $this->testingProvider->setAuthenticationStatus(
        \TYPO3\FLOW3\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL
    );
    $this->testingProvider->setAccount($account);

    // Start from an empty context so earlier state does not leak into this run.
    $this->securityContext->clearContext();

    $this->securityContext->injectRequest(
        self::$bootstrap->getActiveRequestHandler()->getHttpRequest()->createActionRequest()
    );

    $this->authenticationManager->authenticate();
}
/**
 * Logs out the account that may currently be logged in.
 *
 * Calls logout() on the authentication manager, queues a flash message with
 * severity OK and redirects to the "index" action.
 *
 * @return void
 */
public function logoutAction()
{
    $this->authenticationManager->logout();

    $messageBody = 'You are logged out now.';
    $messageTitle = 'See you later';
    $this->addFlashMessage($messageBody, $messageTitle, \TYPO3\FLOW3\Error\Message::SEVERITY_OK);

    $this->redirect('index');
}
/**
 * Invokes the security interception: authenticates first, then lets the
 * access decision manager decide on the stored join point.
 *
 * NOTE(review): the method has no return statement, so callers receive NULL
 * although a boolean TRUE is documented - confirm no caller tests the result.
 * Denial is presumably signalled through the exception below rather than a
 * return value.
 *
 * @return boolean TRUE if the security checks was passed
 * @throws \TYPO3\FLOW3\Security\Exception\AccessDeniedException
 */
public function invoke()
{
    // Authentication runs before the access decision.
    $this->authenticationManager->authenticate();
    $this->accessDecisionManager->decideOnJoinPoint($this->joinPoint);
}
/**
 * Logs out by delegating to the authentication manager's logout().
 *
 * NOTE(review): presumably this sets the authentication status of all active
 * tokens back to NO_CREDENTIALS_GIVEN; that happens inside logout() and is not
 * visible here - confirm.
 *
 * @return void
 */
public function logoutAction()
{
    $this->authenticationManager->logout();
}
/**
 * Invokes the authentication, if needed, by calling authenticate() on the
 * authentication manager.
 *
 * NOTE(review): the method has no return statement, so callers receive NULL
 * although a boolean TRUE is documented - confirm no caller tests the result.
 *
 * @return boolean TRUE if the security checks was passed
 */
public function invoke()
{
    $this->authenticationManager->authenticate();
}
/**
 * Tells whether the given role applies to the current security context.
 *
 * "Everybody" always applies. "Anonymous" applies exactly when the
 * authentication manager reports that nobody is authenticated. Any other name
 * is compared (strictly, as a string) against each role returned by getRoles().
 *
 * NOTE(review): recursive (parent) roles are presumably resolved inside
 * getRoles(); nothing in this method recurses - confirm.
 *
 * @param string $roleName The string representation of the role to search for
 * @return boolean TRUE, if a role with the given string representation was found
 */
public function hasRole($roleName)
{
    if ($roleName === 'Everybody') {
        return TRUE;
    }

    if ($roleName === 'Anonymous') {
        return $this->authenticationManager->isAuthenticated() ? FALSE : TRUE;
    }

    foreach ($this->getRoles() as $candidate) {
        if ($roleName === (string) $candidate) {
            return TRUE;
        }
    }

    return FALSE;
}