vendor/contao/core-bundle/src/Resources/contao/modules/ModuleLogin.php line 105

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of Contao.
  5.  *
  6.  * (c) Leo Feyer
  7.  *
  8.  * @license LGPL-3.0-or-later
  9.  */
  11. namespace Contao;
  13. use Contao\CoreBundle\Security\Exception\LockedException;
  14. use Scheb\TwoFactorBundle\Security\Authentication\Exception\InvalidTwoFactorCodeException;
  15. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvent;
  16. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvents;
  17. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  19. /**
  20.  * Front end module "login".
  21.  */
  22. class ModuleLogin extends Module
  23. {
  24.     /**
  25.      * Template
  26.      * @var string
  27.      */
  28.     protected $strTemplate 'mod_login';
  30.     /**
  31.      * Flash type
  32.      * @var string
  33.      */
  34.     protected $strFlashType 'contao.FE.error';
  36.     /**
  37.      * @var string
  38.      */
  39.     private $targetPath '';
  41.     /**
  42.      * Display a login form
  43.      *
  44.      * @return string
  45.      */
  46.     public function generate()
  47.     {
  48.         $request System::getContainer()->get('request_stack')->getCurrentRequest();
  50.         if ($request && System::getContainer()->get('contao.routing.scope_matcher')->isBackendRequest($request))
  51.         {
  52.             $objTemplate = new BackendTemplate('be_wildcard');
  53.             $objTemplate->wildcard '### ' $GLOBALS['TL_LANG']['FMD']['login'][0] . ' ###';
  54.             $objTemplate->title $this->headline;
  55.             $objTemplate->id $this->id;
  56.             $objTemplate->link $this->name;
  57.             $objTemplate->href StringUtil::specialcharsUrl(System::getContainer()->get('router')->generate('contao_backend', array('do'=>'themes''table'=>'tl_module''act'=>'edit''id'=>$this->id)));
  59.             return $objTemplate->parse();
  60.         }
  62.         // If the form was submitted and the credentials were wrong, take the target
  63.         // path from the submitted data as otherwise it would take the current page
  64.         if ($request && $request->isMethod('POST'))
  65.         {
  66.             $this->targetPath base64_decode($request->request->get('_target_path'));
  67.         }
  68.         elseif ($this->redirectBack && $request && $request->query->has('redirect'))
  69.         {
  70.             $uriSigner System::getContainer()->get('uri_signer');
  72.             // We cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
  73.             if ($uriSigner->check($request->getSchemeAndHttpHost() . $request->getBaseUrl() . $request->getPathInfo() . (null !== ($qs $request->server->get('QUERY_STRING')) ? '?' $qs '')))
  74.             {
  75.                 $this->targetPath $request->query->get('redirect');
  76.             }
  77.         }
  79.         return parent::generate();
  80.     }
  82.     /**
  83.      * Generate the module
  84.      */
  85.     protected function compile()
  86.     {
  87.         /** @var PageModel $objPage */
  88.         global $objPage;
  90.         $container System::getContainer();
  91.         $request $container->get('request_stack')->getCurrentRequest();
  92.         $exception null;
  93.         $lastUsername '';
  95.         $this->Template->requestToken $container->get('contao.csrf.token_manager')->getDefaultTokenValue();
  97.         // Only call the authentication utils if there is an active session to prevent starting an empty session
  98.         if ($request && $request->hasSession() && ($request->hasPreviousSession() || $request->getSession()->isStarted()))
  99.         {
  100.             $authUtils $container->get('security.authentication_utils');
  101.             $exception $authUtils->getLastAuthenticationError();
  102.             $lastUsername $authUtils->getLastUsername();
  103.         }
  105.         $authorizationChecker $container->get('security.authorization_checker');
  107.         if ($authorizationChecker->isGranted('ROLE_MEMBER'))
  108.         {
  109.             $this->import(FrontendUser::class, 'User');
  111.             $strRedirect Environment::get('base') . Environment::get('request');
  113.             // Redirect to last page visited
  114.             if ($this->redirectBack && $this->targetPath)
  115.             {
  116.                 $strRedirect $this->targetPath;
  117.             }
  119.             // Redirect home if the page is protected
  120.             elseif ($objPage->protected)
  121.             {
  122.                 $strRedirect Environment::get('base');
  123.             }
  125.             $this->Template->logout true;
  126.             $this->Template->formId 'tl_logout_' $this->id;
  127.             $this->Template->slabel StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['logout']);
  128.             $this->Template->loggedInAs sprintf($GLOBALS['TL_LANG']['MSC']['loggedInAs'], $this->User->username);
  129.             $this->Template->action $container->get('security.logout_url_generator')->getLogoutPath();
  130.             $this->Template->targetPath StringUtil::specialchars($strRedirect);
  132.             if ($this->User->lastLogin 0)
  133.             {
  134.                 $this->Template->lastLogin sprintf($GLOBALS['TL_LANG']['MSC']['lastLogin'][1], Date::parse($objPage->datimFormat$this->User->lastLogin));
  135.             }
  137.             return;
  138.         }
  140.         if ($exception instanceof LockedException)
  141.         {
  142.             $this->Template->hasError true;
  143.             $this->Template->message sprintf($GLOBALS['TL_LANG']['ERR']['accountLocked'], $exception->getLockedMinutes());
  144.         }
  145.         elseif ($exception instanceof InvalidTwoFactorCodeException)
  146.         {
  147.             $this->Template->hasError true;
  148.             $this->Template->message $GLOBALS['TL_LANG']['ERR']['invalidTwoFactor'];
  149.         }
  150.         elseif ($exception instanceof AuthenticationException)
  151.         {
  152.             $this->Template->hasError true;
  153.             $this->Template->message $GLOBALS['TL_LANG']['ERR']['invalidLogin'];
  154.         }
  156.         $blnRedirectBack false;
  157.         $strRedirect Environment::get('base') . Environment::get('request');
  159.         // Redirect to the last page visited
  160.         if ($this->redirectBack && $this->targetPath)
  161.         {
  162.             $blnRedirectBack true;
  163.             $strRedirect $this->targetPath;
  164.         }
  166.         // Redirect to the jumpTo page
  167.         elseif (($objTarget $this->objModel->getRelated('jumpTo')) instanceof PageModel)
  168.         {
  169.             /** @var PageModel $objTarget */
  170.             $strRedirect $objTarget->getAbsoluteUrl();
  171.         }
  173.         $this->Template->formId 'tl_login_' $this->id;
  174.         $this->Template->forceTargetPath = (int) $blnRedirectBack;
  175.         $this->Template->targetPath StringUtil::specialchars(base64_encode($strRedirect));
  177.         if ($authorizationChecker->isGranted('IS_AUTHENTICATED_2FA_IN_PROGRESS'))
  178.         {
  179.             // Dispatch 2FA form event to prepare 2FA providers
  180.             $token $container->get('security.token_storage')->getToken();
  181.             $event = new TwoFactorAuthenticationEvent($request$token);
  182.             $container->get('event_dispatcher')->dispatch($eventTwoFactorAuthenticationEvents::FORM);
  184.             $this->Template->twoFactorEnabled true;
  185.             $this->Template->authCode $GLOBALS['TL_LANG']['MSC']['twoFactorVerification'];
  186.             $this->Template->slabel StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
  187.             $this->Template->cancel $GLOBALS['TL_LANG']['MSC']['cancelBT'];
  188.             $this->Template->twoFactorAuthentication $GLOBALS['TL_LANG']['MSC']['twoFactorAuthentication'];
  190.             return;
  191.         }
  193.         $this->Template->username $GLOBALS['TL_LANG']['MSC']['username'];
  194.         $this->Template->password $GLOBALS['TL_LANG']['MSC']['password'][0];
  195.         $this->Template->slabel StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['login']);
  196.         $this->Template->value Input::encodeInsertTags(StringUtil::specialchars($lastUsername));
  197.         $this->Template->autologin $this->autologin;
  198.         $this->Template->autoLabel $GLOBALS['TL_LANG']['MSC']['autologin'];
  199.     }
  200. }
  202. class_alias(ModuleLogin::class, 'ModuleLogin');