Deprecation: #100173 - Various methods and properties in UserAuthentication classes now internal¶
See forge#100173
Description¶
Various methods and properties within the main classes regarding frontend
user and backend user ($GLOBALS[BE_USER]
) authentication handling
have been either marked as internal or have been deprecated for usage
outside of the classes.
This is due to the further refactorings and decoupling work, as subclasses of
AbstractUserAuthentication
deal with many more functionality nowadays,
and therefore have been moved to service classes. The tight coupling of these
classes, for example, the database fields, or login form field names are now marked as
internal, as these properties should not be modified from the outside scope.
Instead, functionality like PSR-14 events or Authentication Services should influence the authentication and authorization workflow.
The following properties and methods are now marked as internal in all
user authentication related classes (extending
\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
):
lastLogin_column
formfield_uname
formfield_uident
formfield_status
loginSessionStarted
dontSetCookie
isSetSessionCookie()
isRefreshTimeBasedCookie()
removeCookie()
isCookieSet()
unpack_uc()
appendCookieToResponse()
Additionally, the following properties of the
\TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication
implementation are marked as internal:
formfield_permanent
is_permanent
Impact¶
The affected properties and methods have been marked as @internal
and set to
protected
. With an additional trait, it is still possible to access them
in TYPO3 v12. In case third-party extensions call them, a PHP deprecation
warning is thrown.
Affected installations¶
TYPO3 installations with custom extensions accessing the properties or methods. The extension scanner reports corresponding places.
Migration¶
Depending on the specific requirements, it is recommended to use PSR-14 events or authentication services to modify behaviour of the authentication classes.