验证TYPO3后端的远程验证用户凭据

时间:2017-09-25 13:56:33

标签: php authentication typo3 typo3-8.x

我需要一些帮助才能在后端用户登录,而远程服务器已经验证了凭据。实际用户及其所有权限均在TYPO3中设置,但密码存储在远程服务器上。

到目前为止,我已经创建了一个小扩展,将后端登录重定向到我的登录提供程序:

:

我检查远程服务器上的用户名和密码组合。

$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['backend']['loginProviders'][1433416747]['provider'] = \User\MyExtension\Hooks\LoginProvider::class;

现在我需要登录已验证的用户,但无法理解。

PS:我已经找到class LoginProvider implements LoginProviderInterface { public function render(StandaloneView $view, PageRenderer $pageRenderer, LoginController $loginController) { $view->setTemplatePathAndFilename(GeneralUtility::getFileAbsFileName('EXT:my_extension/Resources/Private/Templates/BELogin.html')); // Check request if ( isset($_POST['login_status']) && $_POST['login_status'] == 'login' && !empty($_POST['username']) && !empty($_POST['p_field']) && $_POST['interface'] == 'backend' ) { // Get EXT connection data from settings $EXT_CONFIG = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['my_extension']); $this->extServer = $EXT_CONFIG['extServer']; $this->extDC = $EXT_CONFIG['extDC']; // Assign received login data $this->username = GeneralUtility::_GP('username'); $this->password = GeneralUtility::_GP('p_field'); // Try to authenticate if ($this->checkCredentials()) { // @TODO: Need to log in the verified user credentials! } } } private function checkCredentials() { // Check if local user exists $local = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows("uid", "be_users", "username='{$this->username}' AND disable=0") ?? 0; // Check credentials and recieve user object if correct, or false if wrong if ($local > 0) { $ext = new EXT($this->extServer, $this->extDC); $this->extUser = $ext->authorize($this->username, $this->password); } return $this->extUser ? true : false; } } ,但只有在用户已经过身份验证(或者我不知道如何使用)后才能使用。

1 个答案:

答案 0 :(得分:1)

LoginProvider仅用于呈现不同的登录表单(例如,对于不需要密码字段的openID)。

您需要实施身份验证服务:https://docs.typo3.org/typo3cms/Typo3ServicesReference/Authentication/Index.html