为 TYPO3 后端验证远程验证的用户凭据

Question

I need a bit help in login in a backend user whos credentials have been verified by a remote server. The actual user and all its permissions are set in TYPO3, but the password is stored on a remote server.

So far I've created a small extension, that redirects the backend login to my Login provider:

$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['backend']['loginProviders'][1433416747]['provider'] = \User\MyExtension\Hooks\LoginProvider::class;

where I check the username and password combination on the remote server.

class LoginProvider implements LoginProviderInterface
{
    public function render(StandaloneView $view, PageRenderer $pageRenderer, LoginController $loginController)
    {

        $view->setTemplatePathAndFilename(GeneralUtility::getFileAbsFileName('EXT:my_extension/Resources/Private/Templates/BELogin.html'));

        // Check request
        if (
            isset($_POST['login_status'])
            && $_POST['login_status'] == 'login'
            && !empty($_POST['username'])
            && !empty($_POST['p_field'])
            && $_POST['interface'] == 'backend'
        ) {
            // Get EXT connection data from settings
            $EXT_CONFIG       = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['my_extension']);
            $this->extServer = $EXT_CONFIG['extServer'];
            $this->extDC     = $EXT_CONFIG['extDC'];

            // Assign received login data
            $this->username = GeneralUtility::_GP('username');
            $this->password = GeneralUtility::_GP('p_field');

            // Try to authenticate
            if ($this->checkCredentials()) {
                // @TODO: Need to log in the verified user credentials!
            }
        }
    }

    private function checkCredentials()
    {
        // Check if local user exists
        $local = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows("uid", "be_users", "username='{$this->username}' AND disable=0") ?? 0;

        // Check credentials and recieve user object if correct, or false if wrong
        if ($local > 0) {
            $ext           = new EXT($this->extServer, $this->extDC);
            $this->extUser = $ext->authorize($this->username, $this->password);
        }

        return $this->extUser ? true : false;
    }
}

Now I would need to log in the verified user, but can't understand how.

PS: I already found BackendUserAuthentication , but that only works once the user is already authenticated (or I don't know how to use).

Answer 1

A LoginProvider is only for rendering a different login form (eg for openID, which does not need a password field).

You need to implement an authentication service: https://docs.typo3.org/typo3cms/Typo3ServicesReference/Authentication/Index.html