Project

General

Profile

Actions

Feature #20605

closed

Add more information to logoff() method in user authentication

Added by Oliver Hader almost 15 years ago. Updated almost 4 years ago.

Status:
Rejected
Priority:
Should have
Assignee:
Category:
Authentication
Target version:
-
Start date:
2009-06-10
Due date:
% Done:

0%

Estimated time:
PHP Version:
5.2
Tags:
Complexity:
Sprint Focus:

Description

The TYPO3 user authentication (t3lib_userAuth) has a method logoff() that is called at several places but has no information what kind of "logoff" happens:
  • regular logoff, since user requested it (status=logout)
  • automatic logoff from old session when a new frontend user logs in
  • automatic logoff if session of logged in frontend user expired or no frontend user is logged in at all
Tasks:
  • constants shall be integrated and added to the logoff-calls, e.g. logoff(self::LOGOFF_ByUser)
  • logoff-status must be transferred to affected hooks in the logoff() method

(issue imported from #M11313)


Files

0011313.patch (3.03 KB) 0011313.patch Administrator Admin, 2009-06-10 13:51
0011313_v2.patch (3.04 KB) 0011313_v2.patch Administrator Admin, 2009-06-18 15:06
Actions #1

Updated by Ernesto Baschny over 13 years ago

What's the use-case for this? Is this information interesting in for logging, or do you have any extension in mind which could use that information?

As a minor change, it would candidate to get still included in 4.5, if there is still interest. Only an updated patch and one tiny +1 missing to have it ready.

Actions #2

Updated by Ernesto Baschny about 13 years ago

In #22336 we discussed (core list) that it might be interesting for knowing the reason for a BE-logoff, maybe triggering an Exception in case the logoff was triggered by

1) a session expiration
2) invalid IP lock
3) invalid user agent

Throwing the exception would present that info to the user and provide more accurate reports from customers to their site integrators (and at the end to us TYPO3 developers).

A differenciation has to be made in the LOGOFF_OnNoUserLoggedIn condition, because 2) and 3) and also a "not logged in" case all match this condition.

So this might be a good candidate for 4.6.

Actions #3

Updated by Xavier Perseguers over 12 years ago

  • Target version deleted (4.6.0-beta1)
Actions #4

Updated by Alexander Opitz over 10 years ago

  • Status changed from Needs Feedback to New
Actions #5

Updated by Mathias Schreiber about 9 years ago

  • Target version set to 7.4 (Backend)
Actions #6

Updated by Susanne Moog over 8 years ago

  • Target version changed from 7.4 (Backend) to 7.5
Actions #7

Updated by Benni Mack over 8 years ago

  • Target version deleted (7.5)
Actions #8

Updated by Susanne Moog over 6 years ago

  • Category set to Authentication
Actions #9

Updated by Oliver Hader almost 4 years ago

  • Status changed from New to Rejected

Probably was not interesting enough...

Actions

Also available in: Atom PDF