Feature #20605

Add more information to logoff() method in user authentication

Added by Oliver Hader over 10 years ago. Updated about 2 years ago.

Status:
New
Priority:
Should have
Assignee:
Category:
Authentication
Target version:
-
Start date:
2009-06-10
Due date:
% Done:

0%

PHP Version:
5.2
Tags:
Complexity:
Sprint Focus:

Description

The TYPO3 user authentication (t3lib_userAuth) has a method logoff() that is called at several places but has no information what kind of "logoff" happens:
  • regular logoff, since user requested it (status=logout)
  • automatic logoff from old session when a new frontend user logs in
  • automatic logoff if session of logged in frontend user expired or no frontend user is logged in at all
Tasks:
  • constants shall be integrated and added to the logoff-calls, e.g. logoff(self::LOGOFF_ByUser)
  • logoff-status must be transferred to affected hooks in the logoff() method

(issue imported from #M11313)

0011313.patch View (3.03 KB) Administrator Admin, 2009-06-10 13:51

0011313_v2.patch View (3.04 KB) Administrator Admin, 2009-06-18 15:06

History

#1 Updated by Ernesto Baschny about 9 years ago

What's the use-case for this? Is this information interesting in for logging, or do you have any extension in mind which could use that information?

As a minor change, it would candidate to get still included in 4.5, if there is still interest. Only an updated patch and one tiny +1 missing to have it ready.

#2 Updated by Ernesto Baschny almost 9 years ago

In #22336 we discussed (core list) that it might be interesting for knowing the reason for a BE-logoff, maybe triggering an Exception in case the logoff was triggered by

1) a session expiration
2) invalid IP lock
3) invalid user agent

Throwing the exception would present that info to the user and provide more accurate reports from customers to their site integrators (and at the end to us TYPO3 developers).

A differenciation has to be made in the LOGOFF_OnNoUserLoggedIn condition, because 2) and 3) and also a "not logged in" case all match this condition.

So this might be a good candidate for 4.6.

#3 Updated by Xavier Perseguers over 8 years ago

  • Target version deleted (4.6.0-beta1)

#4 Updated by Alexander Opitz over 6 years ago

  • Status changed from Needs Feedback to New

#5 Updated by Mathias Schreiber almost 5 years ago

  • Target version set to 7.4 (Backend)

#6 Updated by Susanne Moog over 4 years ago

  • Target version changed from 7.4 (Backend) to 7.5

#7 Updated by Benni Mack about 4 years ago

  • Target version deleted (7.5)

#8 Updated by Susanne Moog about 2 years ago

  • Category set to Authentication

Also available in: Atom PDF