/**
 * Before advice for all methods annotated with "@Flow\Session(autoStart=true)".
 *
 * Starts the session on demand. If no session is running yet, the object and
 * method that triggered the initialization are logged at debug level and the
 * session is started. A session that is already running is left untouched.
 *
 * As the fixme below states, the pointcut matches every method carrying the
 * Session annotation, whatever its options say. Every such method that an
 * anonymous client can reach therefore creates a session.
 *
 * @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
 * @return void
 * @fixme The pointcut expression below does not consider the options of the session annotation – needs adjustments in the AOP framework
 * @Flow\Before("methodAnnotatedWith(TYPO3\Flow\Annotations\Session)")
 */
public function initializeSession(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
    // Strict comparison on purpose: only a boolean true counts as "started".
    $sessionAlreadyRunning = ($this->session->isStarted() === true);

    if (!$sessionAlreadyRunning) {
        // Resolve the object name behind the proxy so the log entry names the
        // registered object rather than the generated proxy class.
        $proxyClassName = get_class($joinPoint->getProxy());
        $objectName = $this->objectManager->getObjectNameByClassName($proxyClassName);
        $methodName = $joinPoint->getMethodName();

        $logMessage = sprintf('Session initialization triggered by %s->%s.', $objectName, $methodName);
        $this->systemLogger->log($logMessage, LOG_DEBUG);

        $this->session->start();
    }
}
/**
 * Registers the submitted vote for the current session.
 *
 * A vote already stored for the current session id is updated with the new
 * value and a fresh date. Otherwise the submitted vote is stored with the
 * session id attached. Afterwards the session is flagged with "hasVoted",
 * a flash message is queued and the request is redirected to the index action.
 *
 * NOTE(review): the session id is the only key that ties a vote to a voter
 * here, so the one-vote-per-voter property is only as strong as the session
 * binding itself. Confirm that this is acceptable for the use case.
 *
 * @param \Peytz\Vote\Domain\Model\Vote $newVote
 * @return void
 */
public function registerAction(Vote $newVote)
{
    $sessionIsRunning = $this->session->isStarted();
    if (!$sessionIsRunning) {
        $this->session->start();
    }

    /** @var \Peytz\Vote\Domain\Model\Vote $existingVote */
    $existingVote = $this->voteRepository->findOneBySession($this->session->getId());

    if (!$existingVote) {
        // First vote seen for this session: bind it to the session id and store it.
        $newVote->setDate(new \DateTime());
        $newVote->setSession($this->session->getId());
        $this->voteRepository->add($newVote);
    } else {
        // A vote exists for this session: overwrite its value instead of adding a second one.
        $existingVote->setDate(new \DateTime());
        $existingVote->setValue($newVote->getValue());
        $this->voteRepository->update($existingVote);
    }

    $this->session->putData('hasVoted', true);
    $this->addFlashMessage('Vote registered.');
    $this->redirect('index');
}
/**
 * Tries to authenticate the tokens in the security context (in the given order)
 * with the available authentication providers, if needed.
 * If the authentication strategy is set to "allTokens", all tokens have to be authenticated.
 * If the strategy is set to "oneToken", only one token needs to be authenticated, but the
 * authentication will stop after the first authenticated token. The strategy
 * "atLeastOne" will try to authenticate at least one and as many tokens as possible.
 *
 * Side effects visible in this method: for every authenticated token that is not a
 * SessionlessTokenInterface the session is started if necessary and, when the token
 * carries an account, tagged with a value derived from the account identifier.
 * The roles of the security context are refreshed on both successful exits.
 *
 * A NoTokensAuthenticatedException is thrown when the security context holds no tokens,
 * and when no token could be authenticated under any strategy other than
 * Context::AUTHENTICATE_ANY_TOKEN.
 *
 * @return void
 * @throws \TYPO3\Flow\Security\Exception
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 */
public function authenticate()
{
    // Start from "not authenticated"; the flag is only raised on the success paths below.
    $this->isAuthenticated = false;
    $anyTokenAuthenticated = false;

    if ($this->securityContext === null) {
        throw new Exception('Cannot authenticate because no security context has been set.', 1232978667);
    }

    $tokens = $this->securityContext->getAuthenticationTokens();
    if (count($tokens) === 0) {
        throw new NoTokensAuthenticatedException('The security context contained no tokens which could be authenticated.', 1258721059);
    }

    /** @var $token TokenInterface */
    foreach ($tokens as $token) {
        /** @var $provider AuthenticationProviderInterface */
        foreach ($this->providers as $provider) {
            // Only tokens whose status is AUTHENTICATION_NEEDED are handed to a provider.
            if ($provider->canAuthenticate($token) && $token->getAuthenticationStatus() === TokenInterface::AUTHENTICATION_NEEDED) {
                $provider->authenticate($token);
                if ($token->isAuthenticated()) {
                    $this->emitAuthenticatedToken($token);
                }
                // The first matching provider decides: no further provider is tried
                // for this token, even if this one did not authenticate it.
                break;
            }
        }

        // This check runs whether or not a provider handled the token in this call.
        if ($token->isAuthenticated()) {
            if (!$token instanceof SessionlessTokenInterface) {
                // NOTE(review): an already started session is reused as is; no session id
                // renewal is visible in this method. Confirm that the id is renewed on
                // authentication elsewhere (session fixation hardening).
                if (!$this->session->isStarted()) {
                    $this->session->start();
                }
                $account = $token->getAccount();
                if ($account !== null) {
                    // The tag is added inside withoutAuthorizationChecks(); presumably so that
                    // tagging does not depend on the privileges of the current request - confirm.
                    $this->securityContext->withoutAuthorizationChecks(function () use($account) {
                        // md5() only turns the identifier into a fixed-format tag string; it is
                        // not a protection for the identifier. Code that looks sessions up by
                        // this tag must build it the same way.
                        $this->session->addTag('TYPO3-Flow-Security-Account-' . md5($account->getAccountIdentifier()));
                    });
                }
            }
            // "One token" strategy: the first authenticated token ends the run.
            if ($this->securityContext->getAuthenticationStrategy() === Context::AUTHENTICATE_ONE_TOKEN) {
                $this->isAuthenticated = true;
                $this->securityContext->refreshRoles();
                return;
            }
            $anyTokenAuthenticated = true;
        } else {
            // "All tokens" strategy: a single unauthenticated token aborts the whole run.
            if ($this->securityContext->getAuthenticationStrategy() === Context::AUTHENTICATE_ALL_TOKENS) {
                throw new AuthenticationRequiredException('Could not authenticate all tokens, but authenticationStrategy was set to "all".', 1222203912);
            }
        }
    }

    // Only the "any token" strategy tolerates ending up without an authenticated token.
    if (!$anyTokenAuthenticated && $this->securityContext->getAuthenticationStrategy() !== Context::AUTHENTICATE_ANY_TOKEN) {
        throw new NoTokensAuthenticatedException('Could not authenticate any token. Might be missing or wrong credentials or no authentication provider matched.', 1222204027);
    }

    $this->isAuthenticated = $anyTokenAuthenticated;
    $this->securityContext->refreshRoles();
}
/**
 * Validate the Captcha in the current request by asking the recaptcha server.
 * For this to work, the form of the current request has to contain the <x:recaptcha /> template
 * function.
 *
 * The return value must be compared with === true. On failure a non-empty error
 * string is returned, which is truthy, so a loose boolean test would treat a
 * failed captcha as solved.
 *
 * A session is started if none is running, before any other check is made.
 *
 * @param string $challenge The challenge that was given by recaptcha
 * @param string $response The response the user put in
 * @param boolean $remember Optional. If true, the correctly solved captcha is remembered and the
 *                          user does not have to fill it out again. Remember to use invalidate() in this case!
 * @return mixed Boolean true on success, the localized error string on failure (check with ===).
 */
public function validate($challenge, $response, $remember = false)
{
    $sessionIsRunning = $this->session->isStarted();
    if (!$sessionIsRunning) {
        $this->session->start();
    }

    // A remembered solution is accepted without contacting the recaptcha server.
    if ($remember && $this->isRemembered()) {
        return true;
    }

    if (empty($response)) {
        return 'Please type in the confirmation code!';
    }

    // The actual check is delegated to the bundled recaptcha library.
    require_once 'resource://TYPO3.Recaptcha/PHP/recaptchalib.php';

    $remoteAddress = null;
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $remoteAddress = $_SERVER['REMOTE_ADDR'];
    }

    $privateKey = $this->settings['security']['privateKey'];
    $verification = Ext\recaptcha_check_answer($privateKey, $remoteAddress, $challenge, $response);
    if (!$verification->is_valid) {
        return $this->decodeError($verification->error);
    }

    // Store the time of the successful check only when the caller asked to remember it.
    if ($remember) {
        $this->session->putData('recaptcha_timestamp', time());
    }

    return true;
}
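/**
 * Tries to authenticate the tokens in the security context (in the given order)
 * with the available authentication providers, if needed.
 * If the authentication strategy is set to "allTokens", all tokens have to be authenticated.
 * If the strategy is set to "oneToken", only one token needs to be authenticated, but the
 * authentication will stop after the first authenticated token. The strategy
 * "atLeastOne" will try to authenticate at least one and as many tokens as possible.
 *
 * For an authenticated token that is not a SessionlessTokenInterface the session is
 * started if it is not running yet.
 *
 * A NoTokensAuthenticatedException is thrown when the security context holds no tokens,
 * and when no token could be authenticated under any strategy other than
 * Context::AUTHENTICATE_ANY_TOKEN.
 *
 * @return void
 * @throws \TYPO3\Flow\Security\Exception
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 */
public function authenticate()
{
    // Start from "not authenticated"; the flag is only raised on the success paths below.
    $this->isAuthenticated = false;
    $anyTokenAuthenticated = false;

    if ($this->securityContext === null) {
        throw new Exception('Cannot authenticate because no security context has been set.', 1232978667);
    }

    $tokens = $this->securityContext->getAuthenticationTokens();
    if (count($tokens) === 0) {
        throw new NoTokensAuthenticatedException('The security context contained no tokens which could be authenticated.', 1258721059);
    }

    /** @var $token TokenInterface */
    foreach ($tokens as $token) {
        /** @var $provider \TYPO3\Flow\Security\Authentication\AuthenticationProviderInterface */
        foreach ($this->providers as $provider) {
            // Only tokens whose status is AUTHENTICATION_NEEDED are handed to a provider.
            if ($provider->canAuthenticate($token) && $token->getAuthenticationStatus() === TokenInterface::AUTHENTICATION_NEEDED) {
                $provider->authenticate($token);
                if ($token->isAuthenticated()) {
                    $this->emitAuthenticatedToken($token);
                }
                // The first matching provider decides: no further provider is tried
                // for this token, even if this one did not authenticate it.
                break;
            }
        }

        // This check runs whether or not a provider handled the token in this call.
        if ($token->isAuthenticated()) {
            // NOTE(review): an already started session is reused as is; no session id
            // renewal is visible in this method. Confirm that the id is renewed on
            // authentication elsewhere (session fixation hardening).
            if (!$token instanceof SessionlessTokenInterface && !$this->session->isStarted()) {
                $this->session->start();
            }
            // "One token" strategy: the first authenticated token ends the run.
            if ($this->securityContext->getAuthenticationStrategy() === Context::AUTHENTICATE_ONE_TOKEN) {
                $this->isAuthenticated = true;
                return;
            }
            $anyTokenAuthenticated = true;
        } else {
            // "All tokens" strategy: a single unauthenticated token aborts the whole run.
            if ($this->securityContext->getAuthenticationStrategy() === Context::AUTHENTICATE_ALL_TOKENS) {
                throw new AuthenticationRequiredException('Could not authenticate all tokens, but authenticationStrategy was set to "all".', 1222203912);
            }
        }
    }

    // Only the "any token" strategy tolerates ending up without an authenticated token.
    if (!$anyTokenAuthenticated && $this->securityContext->getAuthenticationStrategy() !== Context::AUTHENTICATE_ANY_TOKEN) {
        throw new NoTokensAuthenticatedException('Could not authenticate any token. Might be missing or wrong credentials or no authentication provider matched.', 1222204027);
    }

    $this->isAuthenticated = $anyTokenAuthenticated;
}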
/**
 * Displays the backend interface
 *
 * Flushes the content cache, starts the session and stores "__cheEnabled__" = true
 * in it. For a backend user the personal workspace context is created and
 * persisted and the view receives the user, the document node, the site and
 * the translations. Without a backend user the request is redirected to the
 * index action of the TYPO3.Neos Login controller.
 *
 * NOTE(review): the cache flush and the session start run before the
 * backend-user check, so they also run for requests that end in the login
 * redirect. Confirm that access to this action is restricted by policy, or
 * move them behind the check.
 *
 * @param NodeInterface $node The node that will be displayed on the first tab
 * @return void
 */
public function indexAction(NodeInterface $node = null)
{
    $this->contentCache->flush();
    $this->session->start();
    $this->session->putData('__cheEnabled__', true);

    $user = $this->userService->getBackendUser();
    if (!$user) {
        $loginUri = $this->uriBuilder->uriFor('index', array(), 'Login', 'TYPO3.Neos');
        $this->redirectToUri($loginUri);
        return;
    }

    $workspaceName = $this->userService->getPersonalWorkspaceName();
    $contentContext = $this->createContext($workspaceName);
    // The return value is unused; presumably the call makes sure the workspace
    // exists before everything is persisted - confirm against the context API.
    $contentContext->getWorkspace();
    $this->persistenceManager->persistAll();

    // Without an explicit node, the current site node is shown.
    $siteNode = $contentContext->getCurrentSiteNode();
    $documentNode = ($node === null) ? $siteNode : $node;

    $this->view->assign('user', $user);
    $this->view->assign('documentNode', $documentNode);
    // NOTE(review): 'site' receives the document node, not $siteNode - confirm this is intended.
    $this->view->assign('site', $documentNode);

    $interfaceLocale = new Locale($this->userService->getInterfaceLanguage());
    $this->view->assign('translations', $this->xliffService->getCachedJson($interfaceLocale));
}
/**
 * Before advice on the index action of the Neos backend controller.
 *
 * Flushes the content cache, starts the session and stores
 * "__cheEnabled__" = false in it. The join point itself is not used.
 *
 * NOTE(review): the advice runs before the advised action, so the cache flush
 * and the session start happen before any check that action performs itself.
 * Confirm that access to the action is restricted by policy.
 *
 * @Flow\Before("method(TYPO3\Neos\Controller\Backend\BackendController->indexAction())")
 * @param JoinPointInterface $joinPoint the join point
 * @return void
 */
public function disableNewUserInterface(JoinPointInterface $joinPoint)
{
    $this->contentCache->flush();

    $this->session->start();
    $this->session->putData('__cheEnabled__', false);
}
/**
 * Index action: starts the session and does nothing else.
 *
 * The session is started unconditionally, so every request that reaches this
 * action ends up with a started session.
 *
 * @return void
 */
public function indexAction()
{
    $this->session->start();
}