2 namespace TYPO3\CMS\Saltedpasswords;
// Fragment of the service's availability check (listing lines 81-90). The
// lines between the numbered ones, including the method signature, are not
// shown on this page.
// Branch on the requested sub type: backend ('authUserBE') vs. frontend
// ('authUserFE'). The branch bodies are not visible; presumably they select
// the $mode tested below - confirm against the full file.
81 if ($this->info[
'requestedServiceSubType'] ===
'authUserBE') {
83 }
elseif ($this->info[
'requestedServiceSubType'] ===
'authUserFE') {
// Salted-password handling must be enabled for $mode. The configuration load
// on listing line 88 appears to sit inside this check (line 87 is not shown).
86 if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled(
$mode)) {
88 $this->extConf = \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::returnExtConf();
// Yields false unless $available is truthy; otherwise defers to parent::init().
// Where $available is assigned is not visible in this listing.
90 return $available ? parent::init() :
false;
/**
 * Compares the submitted clear-text password with the credential stored in a
 * user record.
 *
 * Visible flow: $user['password'] is first handed to SaltFactory to find a
 * salted-hash implementation. Otherwise, while 'forceSalted' is off, legacy
 * formats are tried: 'C$'/'M$'-prefixed salted hashes, a bare MD5 digest and
 * a stored clear-text value. Matches in an outdated or legacy format are
 * re-hashed and written back through updatePassword().
 *
 * Several lines of the method, including its braces, some conditions and the
 * return statement, are missing from this listing.
 *
 * @param array $user User record; 'password' and 'uid' are read here
 * @param array $loginData Login data; 'uident_text' is read as the clear-text password
 * @param string $passwordCompareStrategy Not referenced in the visible lines
 */
101 public function compareUident(array $user, array $loginData, $passwordCompareStrategy =
'')
103 $validPasswd =
false;
// Clear-text password as submitted with the login.
104 $password = $loginData[
'uident_text'];
// The factory is given the stored value; the is_object() test below covers
// the case where it yields no hashing object for that value.
106 $this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($user[
'password']);
108 if (is_object($this->objInstanceSaltedPW)) {
109 $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, $user[
'password']);
// The guarding condition (listing lines 110-112) is not shown; presumably this
// is the failed-check case. The flag is read again where the failed login is
// logged (listing line 183).
113 $this->authenticationFailed =
true;
115 $defaultHashingClassName = \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::getDefaultSaltingHashingMethod();
// NOTE(review): && binds tighter than ||, so this condition reads as
// ($validPasswd && !(class == default)) || is_subclass_of(...).
// The is_subclass_of() arm is therefore not guarded by $validPasswd, yet the
// body re-hashes and stores the submitted password. If no enclosing check
// (not visible in this listing) requires a valid password, a failed login
// could overwrite the stored hash - confirm. The intended grouping is
// presumably $validPasswd && !(class == default || is_subclass_of(...)).
118 if ($validPasswd && !(get_class($this->objInstanceSaltedPW) == $defaultHashingClassName) || is_subclass_of($this->objInstanceSaltedPW, $defaultHashingClassName)) {
// getSaltingInstance(null) presumably returns the default implementation;
// the submitted password is hashed with it and stored for this uid.
120 $this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null);
121 $this->
updatePassword((
int)$user[
'uid'], array(
'password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
// Re-hash when the implementation reports the stored hash as outdated.
// $skip is assigned on a line that is not shown here.
123 if ($validPasswd && !$skip && $this->objInstanceSaltedPW->isHashUpdateNeeded($user[
'password'])) {
124 $this->
updatePassword((
int)$user[
'uid'], array(
'password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
126 }
// Legacy fallback: only taken while 'forceSalted' casts to 0. Every format
// handled below is weaker than a plain salted hash of the password.
elseif (!(
int)$this->extConf[
'forceSalted']) {
// Stored value prefixed 'C$' or 'M$': the first character is dropped and the
// rest is treated as a salted hash.
128 if (\TYPO3\CMS\Core\Utility\GeneralUtility::inList(
'C$,M$', substr($user[
'password'], 0, 2))) {
130 $this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(substr($user[
'password'], 1));
// 'M' prefix: the salted hash was computed over md5(password), so the input
// is MD5-hashed before the check.
132 if ($user[
'password'][0] ===
'M') {
133 $validPasswd = $this->objInstanceSaltedPW->checkPassword(md5($password), substr($user[
'password'], 1));
// Other prefix (presumably 'C'): the submitted password is checked directly.
// The else line is not shown.
135 $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, substr($user[
'password'], 1));
// Guarding condition not shown (listing lines 136-138).
139 $this->authenticationFailed =
true;
141 }
// NOTE(review): the pattern has no ^...$ anchors, so it matches any stored
// value that contains 32 consecutive lowercase hex digits, not only a bare
// 32-character MD5 digest.
elseif (preg_match(
'/[0-9abcdef]{32,32}/', $user[
'password'])) {
// Unsalted MD5 comparison. NOTE(review): === is not a constant-time
// comparison; hash_equals() is the timing-safe form.
142 $validPasswd = md5($password) === (string)$user[
'password'];
// Guarding condition not shown (listing lines 143-144).
145 $this->authenticationFailed =
true;
// Last resort: the stored value is compared as clear text, which means the
// record holds the password unhashed. Same non-constant-time === as above.
148 $validPasswd = (string)$password === (
string)$user[
'password'];
// With 'updatePasswd' enabled, a successful legacy match is upgraded: the
// submitted password is hashed by the instance from getSaltingInstance(null)
// and stored for this uid.
151 if ($validPasswd && (
int)$this->extConf[
'updatePasswd']) {
153 $this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null);
154 $this->
updatePassword((
int)$user[
'uid'], array(
'password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
// Fragment of the authentication routine (listing lines 174-209). The method
// signature, the password check itself and the return statements are not
// shown on this page.
174 $validPasswd =
false;
// Both a password ('uident') and a user name ('uname') must be present.
175 if ($this->login[
'uident'] && $this->login[
'uname']) {
// A clear-text password must be available. Listing lines 177-180 are not
// shown; presumably $validPasswd is set there.
176 if (!empty($this->login[
'uident_text'])) {
181 $errorMessage =
'Login-attempt from %s (%s), username \'%s\', password not accepted!';
// 'onlyAuthService' is set, or an earlier check raised authenticationFailed:
// log a wrong-password message. Listing lines 185-186 are not shown.
183 if ((
int)$this->extConf[
'onlyAuthService'] || $this->authenticationFailed) {
// login['uname'] is presumably request-supplied. It is passed as a format
// argument, never as the format string. NOTE(review): whether the log sinks
// neutralise line breaks and control characters is not visible here - confirm.
184 $this->
writeLogMessage(TYPO3_MODE .
' Authentication failed - wrong password for username \'%s\'', $this->login[
'uname']);
// The rejected attempt is reported with remote address, remote host and user
// name to three sinks: writeLogMessage(), writelog() and sysLog().
187 $this->
writeLogMessage($errorMessage, $this->authInfo[
'REMOTE_ADDR'], $this->authInfo[
'REMOTE_HOST'], $this->login[
'uname']);
189 $this->
writelog(255, 3, 3, 1, $errorMessage, array(
190 $this->authInfo[
'REMOTE_ADDR'],
191 $this->authInfo[
'REMOTE_HOST'],
192 $this->login[
'uname']
194 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf($errorMessage, $this->authInfo[
'REMOTE_ADDR'], $this->authInfo[
'REMOTE_HOST'], $this->login[
'uname']),
'core', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_INFO);
195 }
// Password accepted, but the record carries a lockToDomain value:
// strcasecmp() is non-zero when lockToDomain and HTTP_HOST differ (compared
// case-insensitively), so this is the mismatch branch.
// NOTE(review): HTTP_HOST presumably reflects the request's Host header -
// confirm how authInfo is populated before relying on this as a restriction.
elseif ($validPasswd && $user[
'lockToDomain'] && strcasecmp($user[
'lockToDomain'], $this->authInfo[
'HTTP_HOST'])) {
197 $errorMessage =
'Login-attempt from %s (%s), username \'%s\', locked domain \'%s\' did not match \'%s\'!';
198 $this->
writeLogMessage($errorMessage, $this->authInfo[
'REMOTE_ADDR'], $this->authInfo[
'REMOTE_HOST'], $this->login[
'uname'], $user[
'lockToDomain'], $this->authInfo[
'HTTP_HOST']);
// writelog() and sysLog() take the user name from the user record
// ($user[username_column]); the writeLogMessage() call above takes it from
// the login data.
199 $this->
writelog(255, 3, 3, 1, $errorMessage, array(
200 $this->authInfo[
'REMOTE_ADDR'],
201 $this->authInfo[
'REMOTE_HOST'],
202 $user[$this->db_user[
'username_column']],
203 $user[
'lockToDomain'],
204 $this->authInfo[
'HTTP_HOST']
206 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf($errorMessage, $this->authInfo[
'REMOTE_ADDR'], $this->authInfo[
'REMOTE_HOST'], $user[$this->db_user[
'username_column']], $user[
'lockToDomain'], $this->authInfo[
'HTTP_HOST']),
'core', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_INFO);
// Success message; the condition guarding it (listing lines 207-208) is not
// shown.
209 $this->
writeLogMessage(TYPO3_MODE .
' Authentication successful for username \'%s\'', $this->login[
'uname']);
// Fragment (listing lines 225-226): writes $updateFields to the row of the
// user table that has the given uid. The enclosing signature is not shown.
// %u renders $uid as an unsigned decimal number, so the WHERE clause is built
// from digits only. $updateFields is handed to exec_UPDATEquery() as a field
// array; how its values are quoted happens inside that call and is not
// visible here.
225 $GLOBALS[
'TYPO3_DB']->exec_UPDATEquery($this->pObj->user_table, sprintf(
'uid = %u', $uid), $updateFields);
// The trace message names only the table and the uid, not the new hash.
226 \TYPO3\CMS\Core\Utility\GeneralUtility::devLog(sprintf(
'Automatic password update for user record in %s with uid %u', $this->pObj->user_table, $uid), $this->extKey, 1);
// Fragment of a log helper (listing lines 244-255), presumably
// writeLogMessage(); the signature is not shown.
// Arguments after the first become vsprintf() parameters for $message, so
// $message is a format string. The writeLogMessage() calls visible in this
// listing pass fixed formats and hand variable data over as parameters only.
244 if (func_num_args() > 1) {
245 $params = func_get_args();
// Drop the first argument (the message itself) so only the parameters remain.
246 array_shift($params);
247 $message = vsprintf($message, $params);
// Backend context: write to the system log at NOTICE severity.
249 if (TYPO3_MODE ===
'BE') {
250 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, $this->extKey, \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_NOTICE);
// Listing line 251 is not shown; presumably this is the non-backend branch,
// which logs through the object in $GLOBALS['TT'].
252 $GLOBALS[
'TT']->setTSlogMessage($message);
// Developer log entry; the condition on listing lines 253-254 is not shown.
255 \TYPO3\CMS\Core\Utility\GeneralUtility::devLog($message, $this->extKey, \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_NOTICE);