vendor/contao/core-bundle/src/Resources/contao/controllers/BackendIndex.php line 55

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of Contao.
  5.  *
  6.  * (c) Leo Feyer
  7.  *
  8.  * @license LGPL-3.0-or-later
  9.  */
  11. namespace Contao;
  13. use Contao\CoreBundle\Intl\Locales;
  14. use Contao\CoreBundle\Security\Exception\LockedException;
  15. use Scheb\TwoFactorBundle\Security\Authentication\Exception\InvalidTwoFactorCodeException;
  16. use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorToken;
  17. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvent;
  18. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvents;
  19. use Symfony\Component\HttpFoundation\Response;
  20. use Symfony\Component\HttpKernel\UriSigner;
  21. use Symfony\Component\Routing\Router;
  22. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  23. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  25. /**
  26.  * Handle back end logins and logouts.
  27.  *
  28.  * @author Leo Feyer <https://github.com/leofeyer>
  29.  */
  30. class BackendIndex extends Backend
  31. {
  32.     /**
  33.      * Initialize the controller
  34.      *
  35.      * 1. Import the user
  36.      * 2. Call the parent constructor
  37.      * 3. Login the user
  38.      * 4. Load the language files
  39.      * DO NOT CHANGE THIS ORDER!
  40.      */
  41.     public function __construct()
  42.     {
  43.         $this->import(BackendUser::class, 'User');
  44.         parent::__construct();
  46.         System::loadLanguageFile('default');
  47.         System::loadLanguageFile('tl_user');
  48.     }
  50.     /**
  51.      * Run the controller and parse the login template
  52.      *
  53.      * @return Response
  54.      */
  55.     public function run()
  56.     {
  57.         $container System::getContainer();
  58.         $exception $container->get('security.authentication_utils')->getLastAuthenticationError();
  60.         if ($exception instanceof LockedException)
  61.         {
  62.             Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['accountLocked'], $exception->getLockedMinutes()));
  63.         }
  64.         elseif ($exception instanceof InvalidTwoFactorCodeException)
  65.         {
  66.             Message::addError($GLOBALS['TL_LANG']['ERR']['invalidTwoFactor']);
  67.         }
  68.         elseif ($exception instanceof AuthenticationException)
  69.         {
  70.             Message::addError($GLOBALS['TL_LANG']['ERR']['invalidLogin']);
  71.         }
  73.         $router $container->get('router');
  74.         $targetPath $router->generate('contao_backend', array(), Router::ABSOLUTE_URL);
  75.         $request $container->get('request_stack')->getCurrentRequest();
  77.         if ($request && $request->query->has('redirect'))
  78.         {
  79.             /** @var UriSigner $uriSigner */
  80.             $uriSigner $container->get('uri_signer');
  82.             // We cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
  83.             if ($uriSigner->check($request->getSchemeAndHttpHost() . $request->getBaseUrl() . $request->getPathInfo() . (null !== ($qs $request->server->get('QUERY_STRING')) ? '?' $qs '')))
  84.             {
  85.                 $targetPath $request->query->get('redirect');
  86.             }
  87.         }
  89.         $objTemplate = new BackendTemplate('be_login');
  90.         $objTemplate->headline $GLOBALS['TL_LANG']['MSC']['loginBT'];
  92.         /** @var TokenInterface $token */
  93.         $token $container->get('security.token_storage')->getToken();
  95.         if ($token instanceof TwoFactorToken)
  96.         {
  97.             // Dispatch 2FA form event to prepare 2FA providers
  98.             $event = new TwoFactorAuthenticationEvent($request$token);
  99.             $container->get('event_dispatcher')->dispatch($eventTwoFactorAuthenticationEvents::FORM);
  101.             $objTemplate = new BackendTemplate('be_login_two_factor');
  102.             $objTemplate->headline $GLOBALS['TL_LANG']['MSC']['twoFactorAuthentication'];
  103.             $objTemplate->authCode $GLOBALS['TL_LANG']['MSC']['twoFactorVerification'];
  104.             $objTemplate->cancel $GLOBALS['TL_LANG']['MSC']['cancelBT'];
  105.         }
  107.         $objTemplate->theme Backend::getTheme();
  108.         $objTemplate->messages Message::generate();
  109.         $objTemplate->base Environment::get('base');
  110.         $objTemplate->language $GLOBALS['TL_LANGUAGE'];
  111.         $objTemplate->languages System::getContainer()->get(Locales::class)->getEnabledLocales(nulltrue); // backwards compatibility
  112.         $objTemplate->host Backend::getDecodedHostname();
  113.         $objTemplate->charset System::getContainer()->getParameter('kernel.charset');
  114.         $objTemplate->userLanguage $GLOBALS['TL_LANG']['tl_user']['language'][0];
  115.         $objTemplate->curUsername Input::post('username') ?: '';
  116.         $objTemplate->loginButton StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
  117.         $objTemplate->username $GLOBALS['TL_LANG']['tl_user']['username'][0];
  118.         $objTemplate->password $GLOBALS['TL_LANG']['MSC']['password'][0];
  119.         $objTemplate->feLink $GLOBALS['TL_LANG']['MSC']['feLink'];
  120.         $objTemplate->default $GLOBALS['TL_LANG']['MSC']['default'];
  121.         $objTemplate->jsDisabled $GLOBALS['TL_LANG']['MSC']['jsDisabled'];
  122.         $objTemplate->targetPath StringUtil::specialchars(base64_encode($targetPath));
  124.         return $objTemplate->getResponse();
  125.     }
  126. }
  128. class_alias(BackendIndex::class, 'BackendIndex');