Search code examples
phptypo3extbasetypo3-7.6.x

Why pages aren't accessible after Login FE User by code?

I'm trying to login a FrontendUser by code in an extbase extension with the following code:

$loginData = array(
        'username'    => $user['username'],
        'uname'       => $user['username'],
        'uident'      => $user['password'],
        'uident_text' => $user['password'],
        'status'      => 'login'
    );

    $GLOBALS['TSFE']->fe_user->checkPid = FALSE;
    $info = $GLOBALS['TSFE']->fe_user->getAuthInfoArray();
    $user = $GLOBALS['TSFE']->fe_user->fetchUserRecord($info['db_user'], $loginData['username']);

    $login_success = $GLOBALS['TSFE']->fe_user->compareUident($user, $loginData);

    if ( $login_success ) {
        $GLOBALS['TSFE']->loginUser = TRUE;
        $GLOBALS['TSFE']->fe_user->fetchGroupData();
        $GLOBALS['TSFE']->fe_user->forceSetCookie = TRUE;
        $GLOBALS['TSFE']->fe_user->start();
        $GLOBALS['TSFE']->fe_user->createUserSession($user);
        $GLOBALS["TSFE"]->fe_user->loginSessionStarted = TRUE;
        $GLOBALS["TSFE"]->fe_user->user = $GLOBALS["TSFE"]->fe_user->fetchUserSession();

        return true;
    } else return false;

The session seems to exist and the $GLOBALS['TSFE']->fe_user->user and groupData arrays aren't empty. So it seems for me the user is logged in.

But if i'm trying to render some content of pages which are restricted only for the user/group the result is empty.

If i'm logging in with the user in frontend with the default login form, the pages are accessible by the user.

What i'm doing wrong?

Thanks a lot

Solution

  • Found the solution. In

    $GLOBALS['TSFE']->gr_list

    there is a CSV with the UIDs of the group that the current user can access. After login it needs to be updated. Maybe not a perfect solution, but in my case it helps.

    Here is the full code...

        $loginData = array(
        'username'    => $user['username'],
        'uname'       => $user['username'],
        'uident'      => $user['password'],
        'uident_text' => $user['password'],
        'status'      => 'login'
    );

    $GLOBALS['TSFE']->fe_user->checkPid = FALSE;
    $info = $GLOBALS['TSFE']->fe_user->getAuthInfoArray();
    $user = $GLOBALS['TSFE']->fe_user->fetchUserRecord($info['db_user'], $loginData['username']);

    $login_success = $GLOBALS['TSFE']->fe_user->compareUident($user, $loginData);

    if ( $login_success ) {
        $GLOBALS['TSFE']->loginUser = TRUE;
        $GLOBALS['TSFE']->fe_user->forceSetCookie = TRUE;
        $GLOBALS['TSFE']->fe_user->start();
        $GLOBALS['TSFE']->fe_user->createUserSession($user);
        $GLOBALS["TSFE"]->fe_user->loginSessionStarted = FALSE;
        $GLOBALS["TSFE"]->fe_user->user = $GLOBALS["TSFE"]->fe_user->fetchUserSession();
        $GLOBALS['TSFE']->fe_user->fetchGroupData();

        // Extend the group list (so the user can access restricted pages)
        $GLOBALS['TSFE']->gr_list = implode(
            ',',
            array_unique(
                array_merge(
                    GeneralUtility::trimExplode(
                        ',',
                        $GLOBALS['TSFE']->gr_list
                    ),
                    $GLOBALS['TSFE']->fe_user->groupData['uid']
                )
            )
        );

        return true;
    } else return false;