Task: Initial commit

christophlehmann · Aug 13, 2019 · 66e0e21 · 66e0e21
commit 66e0e21
Show file tree

Hide file tree

Showing 8 changed files with 214 additions and 0 deletions.
diff --git a/Classes/MiddleWare/BasicAuth.php b/Classes/MiddleWare/BasicAuth.php
@@ -0,0 +1,64 @@
+<?php
+declare(strict_types=1);
+namespace Lemming\Httpbasicauth\Middleware;
+
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use TYPO3\CMS\Core\Site\Entity\Site;
+use TYPO3\CMS\Core\Context\Context;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+
+class BasicAuth implements MiddlewareInterface
+{
+    /**
+     * @param ServerRequestInterface $request
+     * @param RequestHandlerInterface $handler
+     * @return ResponseInterface
+     */
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        /** @var Site $site */
+        $site = $request->getAttribute('site');
+        if (!$site) {
+            return $handler->handle($request);
+        }
+
+        try {
+            if (!$site->getAttribute('basicauth_enabled')) {
+                return $handler->handle($request);
+            }
+        } catch (\InvalidArgumentException $e) {
+            // Attribute maybe not set after installing this extension?
+            return $handler->handle($request);
+        }
+
+        if ($site->getAttribute('basicauth_allow_devipmask')) {
+            $clientIPMatchesDevelopmentSystem = GeneralUtility::cmpIP(GeneralUtility::getIndpEnv('REMOTE_ADDR'),
+                $GLOBALS['TYPO3_CONF_VARS']['SYS']['devIPmask']);
+            if ($clientIPMatchesDevelopmentSystem) {
+                return $handler->handle($request);
+            }
+        }
+
+        if ($site->getAttribute('basicauth_allow_beuser')) {
+            $context = GeneralUtility::makeInstance(Context::class);
+            $backendUserLoggedIn = $context->getPropertyFromAspect('backend.user', 'id') > 0;
+            if ($backendUserLoggedIn) {
+                return $handler->handle($request);
+            }
+        }
+
+        if ($site->getAttribute('basicauth_user') === $_SERVER['PHP_AUTH_USER'] &&
+            $site->getAttribute('basicauth_password') === $_SERVER['PHP_AUTH_PW']
+        ) {
+            return $handler->handle($request);
+        }
+
+        // @Todo: Return PSR-7 Response ?
+        header('WWW-Authenticate: Basic realm="Not authorized"');
+        header('HTTP/1.0 401 Unauthorized');
+        die("Not authorized");
+    }
+}
diff --git a/Configuration/RequestMiddlewares.php b/Configuration/RequestMiddlewares.php
@@ -0,0 +1,16 @@
+<?php
+
+return [
+    'frontend' => [
+        'lemming/httpbasicauth/basic-auth' => [
+            'target' => \Lemming\Httpbasicauth\Middleware\BasicAuth::class,
+            'after' => [
+                'typo3/cms-frontend/site',
+                'typo3/cms-frontend/backend-user-authentication'
+            ],
+            'before' => [
+                'typo3/cms-frontend/base-redirect-resolver'
+            ]
+        ]
+    ]
+];
diff --git a/Configuration/SiteConfiguration/Overrides/basicauth.php b/Configuration/SiteConfiguration/Overrides/basicauth.php
@@ -0,0 +1,65 @@
+<?php
+
+$GLOBALS['SiteConfiguration']['site']['columns']['basicauth_enabled'] = [
+    'label' => 'Enable HTTP Basic Authentication',
+    'config' => [
+        'type' => 'check',
+        'renderType' => 'checkboxLabeledToggle',
+        'items' => [
+            [
+                0 => '',
+                1 => '',
+                'labelChecked' => 'Enabled',
+                'labelUnchecked' => 'Disabled',
+            ]
+        ],
+    ]
+];
+$GLOBALS['SiteConfiguration']['site']['columns']['basicauth_user'] = [
+    'label' => 'Username',
+    'config' => [
+        'type' => 'input',
+    ],
+];
+$GLOBALS['SiteConfiguration']['site']['columns']['basicauth_password'] = [
+    'label' => 'Password',
+    'config' => [
+        'type' => 'input',
+    ],
+];
+$GLOBALS['SiteConfiguration']['site']['columns']['basicauth_allow_devipmask'] = [
+    'label' => 'Grant access when devIPMask matches',
+    'config' => [
+        'type' => 'check',
+        'default' => '1',
+        'renderType' => 'checkboxLabeledToggle',
+        'items' => [
+            [
+                0 => '',
+                1 => '',
+                'labelChecked' => 'Enabled',
+                'labelUnchecked' => 'Disabled',
+            ]
+        ],
+    ]
+];
+$GLOBALS['SiteConfiguration']['site']['columns']['basicauth_allow_beuser'] = [
+    'label' => 'Grant access when backend user logged in',
+    'config' => [
+        'type' => 'check',
+        'default' => '1',
+        'renderType' => 'checkboxLabeledToggle',
+        'items' => [
+            [
+                0 => '',
+                1 => '',
+                'labelChecked' => 'Enabled',
+                'labelUnchecked' => 'Disabled',
+            ]
+        ],
+    ]
+];
+
+$GLOBALS['SiteConfiguration']['site']['types']['0']['showitem'] .= '
+    ,--div--;HTTP Basic Auth, basicauth_enabled, basicauth_user, basicauth_password, basicauth_allow_devipmask, basicauth_allow_beuser
+';
diff --git a/Documentation/configuration.png b/Documentation/configuration.png
diff --git a/Readme.md b/Readme.md
@@ -0,0 +1,7 @@
+# HTTP Basic Authentication for TYPO3
+
+* Supports TYPO3 9.5+
+
+## Site Configuration
+
+![site configuration](https://raw.githubusercontent.com/christophlehmann/httpbasicauth/master/Documentation/configuration.png)
diff --git a/Resources/Public/Icons/Extension.gif b/Resources/Public/Icons/Extension.gif
diff --git a/composer.json b/composer.json
@@ -0,0 +1,38 @@
+{
+  "name": "christophlehmann/httpbasicauth",
+  "description": "HTTP Basic Auth for TYPO3 9.5+",
+  "type": "typo3-cms-extension",
+  "license": [
+    "GPL-2.0-or-later"
+  ],
+  "keywords": [
+    "authentication"
+  ],
+  "support": {
+    "issues": "https://github.com/christophlehmann/httpbasicauth"
+  },
+  "authors": [
+    {
+      "name": "Christoph Lehmann",
+      "email": "[email protected]"
+    }
+  ],
+  "require": {
+    "typo3/cms-core": ">=9.5.0"
+  },
+  "extra": {
+    "typo3/cms": {
+      "extension-key": "httpbasicauth",
+      "cms-package-dir": "{$vendor-dir}/typo3/cms"
+    }
+  },
+  "autoload": {
+    "psr-4": {
+      "Lemming\\Httpbasicauth\\": "Classes/"
+    }
+  },
+  "replace": {
+    "httpbasicauth": "self.version",
+    "typo3-ter/httpbasicauth": "self.version"
+  }
+}
diff --git a/ext_emconf.php b/ext_emconf.php
@@ -0,0 +1,24 @@
+<?php
+
+$EM_CONF['httpbasicauth'] = [
+    'title' => 'HTTP Basic Auth',
+    'description' => 'HTTP Basic Auth via Site Configuration',
+    'category' => 'fe',
+    'state' => 'stable',
+    'clearCacheOnLoad' => 0,
+    'author' => 'Christoph Lehmann',
+    'author_email' => '[email protected]',
+    'version' => '1.0.0',
+    'constraints' => [
+        'depends' => [
+            'typo3' => '9.5.0-',
+        ],
+        'conflicts' => [
+        ],
+        'suggests' => [
+        ],
+    ],
+    'autoload' => [
+        'classmap' => ['Classes'],
+    ]
+];