Feature #83529
closed
Execute hooks on backend user login
100%
Description
When a user successfully logs in to the backend of TYPO3, registered hooks should be executed.
This allows TYPO3 core developers as well as extension developers to create functions that react on a BE user login.
Typical use cases for notification services are for example:
- Post a message to Slack or a similar messaging system.
- Send a text message (SMS) to the user's mobile number.
- Pass this event to other systems to monitor suspicious activities.
- Pass this event to other systems for activity logging of specific users (see note below).
- Trigger other events in the system based on the user, user settings, etc.
- etc.
Note: Some organization/company policies require the governance, compliance, operational auditing, and risk auditing of specific account (e.g. accounts with high privileges such as admins). Developing an extension that notifies a third party system (e.g. via an API call) about the BE login event in real time would be an easy task if a hook would be available.
Currently, backend users can enable the feature "email at login" in their settings. This could be decentralized and moved to a separate extension (or system extension), including some improvements (e.g. generate a nicer HTML email or customize the mail text such as "take the HTTP X-FORWARDED-FOR header into account", etc.). However, I suggest to treat this as a separate task, independent from this feature request.
Updated by Gerrit Code Review over 6 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319
Updated by Michael Schams over 6 years ago
Proof of concept: https://github.com/schams-net/be_login_logging
This extension writes an entry to a separate and configurable log file every time a user logs into the backend of TYPO3.
It uses the TYPO3 Logging API.
Updated by Markus Klein over 6 years ago
Regarding the extension: The core in v9 now logs all "events" in the authentication classes to the logging API, hence you can achieve the same with core-only means.
Updated by Gerrit Code Review over 6 years ago
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55331
Updated by Gerrit Code Review over 6 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319
Updated by Michael Schams over 6 years ago
- Subject changed from Emit signal on successful backend user login to Execute hooks on successful backend user login
- Description updated (diff)
As suggested in review.typo3.org , Hooks should be used, rather than Signals/Slots for consistency reasons.
Therefore this ticket has been updated accordingly (Signal/Slots → Hooks).
Updated by Michael Schams over 6 years ago
- Subject changed from Execute hooks on successful backend user login to Execute hooks on backend user login
Updated by Gerrit Code Review over 6 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319
Updated by Gerrit Code Review about 6 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319
Updated by Gerrit Code Review about 6 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319
Updated by Gerrit Code Review about 6 years ago
Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319
Updated by Anonymous about 6 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset c1798ab34fdccd9d222e8b29e8910b867b24a819.
Updated by