Feature #83529

Execute hooks on backend user login

Added by Michael Schams 11 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Could have
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
2018-01-10
Due date:
% Done:

100%

PHP Version:
Tags:
Complexity:
easy
Sprint Focus:

Description

When a user successfully logs in to the backend of TYPO3, registered hooks should be executed.

This allows TYPO3 core developers as well as extension developers to create functions that react on a BE user login.
Typical use cases for notification services are for example:

  • Post a message to Slack or a similar messaging system.
  • Send a text message (SMS) to the user's mobile number.
  • Pass this event to other systems to monitor suspicious activities.
  • Pass this event to other systems for activity logging of specific users (see note below).
  • Trigger other events in the system based on the user, user settings, etc.
  • etc.

Note: Some organization/company policies require the governance, compliance, operational auditing, and risk auditing of specific account (e.g. accounts with high privileges such as admins). Developing an extension that notifies a third party system (e.g. via an API call) about the BE login event in real time would be an easy task if a hook would be available.

Currently, backend users can enable the feature "email at login" in their settings. This could be decentralized and moved to a separate extension (or system extension), including some improvements (e.g. generate a nicer HTML email or customize the mail text such as "take the HTTP X-FORWARDED-FOR header into account", etc.). However, I suggest to treat this as a separate task, independent from this feature request.

Associated revisions

Revision c1798ab3 (diff)
Added by Michael Schams 11 months ago

[FEATURE] Execute hooks on backend user login

When a user successfully logs in to the backend of TYPO3, registered
hooks are executed. This allows for the development of further actions
such as notification services.

Resolves: #83529
Releases: master
Change-Id: I26b060463ae76075a4d40f25c8e695534fe69875
Reviewed-on: https://review.typo3.org/55319
Reviewed-by: Markus Klein <>
Tested-by: TYPO3com <>
Reviewed-by: Michael Schams <>
Tested-by: Michael Schams <>
Reviewed-by: Joerg Boesche <>
Tested-by: Joerg Boesche <>
Reviewed-by: Henning Liebe <>
Tested-by: Henning Liebe <>
Reviewed-by: Reiner Teubner <>
Tested-by: Reiner Teubner <>
Reviewed-by: Christian Kuhn <>
Tested-by: Christian Kuhn <>

History

#1 Updated by Gerrit Code Review 11 months ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319

#2 Updated by Michael Schams 11 months ago

Proof of concept: https://github.com/schams-net/be_login_logging
This extension writes an entry to a separate and configurable log file every time a user logs into the backend of TYPO3.
It uses the TYPO3 Logging API.

#3 Updated by Markus Klein 11 months ago

Regarding the extension: The core in v9 now logs all "events" in the authentication classes to the logging API, hence you can achieve the same with core-only means.

#4 Updated by Gerrit Code Review 11 months ago

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55331

#5 Updated by Gerrit Code Review 11 months ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319

#6 Updated by Michael Schams 11 months ago

  • Subject changed from Emit signal on successful backend user login to Execute hooks on successful backend user login
  • Description updated (diff)

As suggested in review.typo3.org , Hooks should be used, rather than Signals/Slots for consistency reasons.
Therefore this ticket has been updated accordingly (Signal/Slots → Hooks).

#7 Updated by Michael Schams 11 months ago

  • Subject changed from Execute hooks on successful backend user login to Execute hooks on backend user login

#8 Updated by Gerrit Code Review 11 months ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319

#9 Updated by Gerrit Code Review 11 months ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319

#10 Updated by Gerrit Code Review 11 months ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319

#11 Updated by Gerrit Code Review 11 months ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/55319

#12 Updated by Anonymous 11 months ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

#13 Updated by Benni Mack 2 months ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF