Feature: #100294 - Add PSR-14 event to enrich password validation ContextData¶
See forge#100294
Description¶
A new PSR-14 event \TYPO3\CMS\Core\PasswordPolicy\Event\EnrichPasswordValidationContextDataEvent
has been added, which allows extension authors to enrich the
\TYPO3\CMS\Core\PasswordPolicy\Validator\Dto\ContextData
DTO used in password policy validation.
The PSR-14 event is dispatched in all classes, where a user password is validated against the globally configured password policy.
The event features the following methods:
getContextData()
returns the currentContextData
DTOgetUserData()
returns an array with user data available from the initiating classgetInitiatingClass()
returns the class name, where theContextData
DTO is created
The event can be used to enrich the ContextData
DTO with additional data
used in custom password policy validators.
Note
The user data returned by getUserData()
will include user data
available from the initiating class only. Therefore, event listeners should
always consider the initiating class name when accessing data from
getUserData()
. If required user data is not available via
getUserData()
, it can possibly be retrieved by a custom database
query (e.g. data from user table in the password reset process by fetching
the user with the uid
given in getUserData()
array).
Registration of the event in your extension's Services.yaml
:
MyVendor\MyExtension\PasswordPolicy\EventListener\MyEventListener:
tags:
- name: event.listener
identifier: 'my-extension/enrich-context-data'
The corresponding event listener class:
use TYPO3\CMS\Core\DataHandling\DataHandler;
use TYPO3\CMS\Core\PasswordPolicy\Event\EnrichPasswordValidationContextDataEvent;
final class MyEventListener
{
public function __invoke(EnrichPasswordValidationContextDataEvent $event): void
{
if ($event->getInitiatingClass() === DataHandler::class) {
$event->getContextData()->setData('currentMiddleName', $event->getUserData()['middle_name'] ?? '');
$event->getContextData()->setData('currentEmail', $event->getUserData()['email'] ?? '');
}
}
}
Impact¶
With the new EnrichPasswordValidationContextDataEvent
, it is now
possible to enrich the ContextData
DTO used in password policy
validation with additional data.