Vielen Dank für den Tipp mit der Erweiterung. Das wäre auf jeden Fall eine Alternative gewesen.
Ich habe es jetzt allerdings selber hinbekommen. Hier ist einmal der Code. Ich hoffe, euch stehen nicht die Haare zu Berge wegen 100.000 Sicherheitslücken...
Code:
<?php
// src/EventListener/ProcessFormDataListener.php
namespace App\EventListener;
use Contao\CoreBundle\DependencyInjection\Attribute\AsHook;
use Contao\Form;
use Contao\Email;
use Contao\CoreBundle\Security\User\UserChecker;
use Psr\Container\ContainerInterface;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
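/**
 * Logs a fixed front end account in when a form is submitted with the shared form password,
 * then sends a notification e-mail.
 *
 * NOTE(review): the shared form password and the backing account credentials are literals in
 * this file. Anyone with read access to the source or the repository can log in; they should
 * come from configuration that is kept out of version control.
 * NOTE(review): nothing here limits repeated attempts, so the shared password can be guessed
 * by submitting the form over and over. Throttle or lock out at the form or firewall level.
 * NOTE(review): the listener does not look at $form, so as written it handles every form that
 * triggers this hook — restrict it to the login form; confirm against the form setup.
 */
#[AsHook('processFormData')]
class ProcessFormDataListener
{
    /** Shared password expected in the form's "password" field (see class note on secrets). */
    private const FORM_PASSWORD = '123456789';

    private UserProviderInterface $userProvider;
    private EncoderFactoryInterface $encoderFactory;
    private UserChecker $userChecker;
    private TokenStorageInterface $tokenStorage;

    public function __construct(UserProviderInterface $userProvider, EncoderFactoryInterface $encoderFactory, UserChecker $userChecker, TokenStorageInterface $tokenStorage)
    {
        $this->userProvider = $userProvider;
        $this->encoderFactory = $encoderFactory;
        $this->userChecker = $userChecker;
        $this->tokenStorage = $tokenStorage;
    }

    /**
     * Authenticates the given account and stores an authenticated token for the "main" firewall.
     *
     * @return bool true when the token was stored, false when the user is unknown, the account
     *              is rejected by the user checker, or the password does not match
     */
    private function login_user(string $userName, string $plainPassword): bool
    {
        try {
            $user = $this->userProvider->loadUserByUsername($userName);

            // Account-state checks belong before the credential check. The original called only
            // checkPostAuth(), and did so before the password had been verified.
            $this->userChecker->checkPreAuth($user);

            $encoder = $this->encoderFactory->getEncoder($user);
            if (!$encoder->isPasswordValid($user->getPassword(), $plainPassword, $user->getSalt())) {
                return false;
            }

            $this->userChecker->checkPostAuth($user);
        } catch (\Symfony\Component\Security\Core\Exception\AuthenticationException $e) {
            // Unknown user or rejected account: report a failed login instead of letting the
            // exception surface as an error page.
            return false;
        }

        // Credentials are left out of the token so the plain-text password is not kept with it
        // after authentication has succeeded.
        $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());

        // NOTE(review): the token is set without regenerating the session identifier. A session
        // id known to someone else before this point stays valid after login; migrate the
        // session here once the request/session is available to this class.
        $this->tokenStorage->setToken($token);

        return true;
    }

    /**
     * Hook entry point: checks the submitted password and, on a match, logs the account in.
     */
    public function __invoke(
        array $submittedData,
        array $formData,
        ?array $files,
        array $labels,
        Form $form
    ): void {
        $rawEmail = $submittedData['email'] ?? null;
        // Only used inside the plain-text body of the notification mail. FILTER_SANITIZE_EMAIL
        // strips characters that are not allowed in an address; it does not validate it.
        $email = is_string($rawEmail) ? (filter_var($rawEmail, FILTER_SANITIZE_EMAIL) ?: null) : null;

        // The password is compared as submitted. FILTER_SANITIZE_STRING is deprecated since
        // PHP 8.1 and rewrites the value (tags stripped, quotes encoded), which is wrong for a
        // secret that is only ever compared.
        $password = $submittedData['password'] ?? null;

        // switch/case compares loosely, so numeric strings such as '123456789.0' matched the
        // original case label. hash_equals() is an exact, timing-safe comparison.
        if (!is_string($password) || !hash_equals(self::FORM_PASSWORD, $password)) {
            // NOTE(review): exit() ends the request outside the framework's response handling;
            // kept as in the original, but a regular error response would be cleaner.
            exit("Password wrong");
        }

        // The mail states that a login took place, so it is sent only when one actually did.
        if ($this->login_user('username', 'password')) {
            $this->send_email($email);
        }
    }

    /**
     * Sends the login notification to the fixed recipient.
     *
     * @param string|null $login_email sanitised address from the form, or null if none was given
     */
    private function send_email(?string $login_email): void
    {
        // One timestamp for both parts, so date and time cannot straddle midnight.
        $now = time();

        $email = new Email();
        $email->from = 'your-address@example.com';
        $email->subject = 'New Login at example.com';
        $email->text = 'On ' . date('d-m-Y', $now) . ', at ' . date('H:i:s', $now) . ' a login took place with the email address ' . $login_email . '.';
        $email->sendTo('123@example.com');
    }
}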
Code:
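# config/services.yaml
services:
    # ...

    # Aliases so that autowiring can resolve the listener's type-hints to existing services.
    # NOTE(review): these aliases apply to the whole container, not just to the listener. Any
    # other autowired service that type-hints UserProviderInterface receives this provider too
    # (the front end one, judging by the service id). Binding the two arguments on the listener's
    # own service definition would keep the scope narrower.
    Contao\CoreBundle\Security\User\UserChecker: '@contao.security.user_checker'
    Symfony\Component\Security\Core\User\UserProviderInterface: '@contao.security.frontend_user_provider'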