Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Neos Flow Authentication Provider Request Pattern matching Neos Sites by their node name
namespace Some\Package;
use Neos\Flow\Annotations as Flow;
use Neos\Flow\Mvc\ActionRequest;
use Neos\Flow\Mvc\RequestInterface;
use Neos\Flow\Security\Context;
use Neos\Flow\Security\Exception as SecurityException;
use Neos\Flow\Security\Exception\InvalidRequestPatternException;
use Neos\Flow\Security\RequestPatternInterface;
use Neos\Neos\Domain\Model\Domain;
use Neos\Neos\Domain\Repository\DomainRepository;
* Request Pattern to match Neos Sites
final class SiteRequestPattern implements RequestPatternInterface
* @Flow\Inject
* @var DomainRepository
protected $domainRepository;
* @Flow\Inject
* @var Context
protected $securityContext;
* @var string
private $siteNodeName;
* @param array $options
* @throws InvalidRequestPatternException
public function __construct(array $options)
if (!isset($options['siteNodeName'])) {
throw new InvalidRequestPatternException('Missing option "siteNodeName" in the Host request pattern configuration', 1559744836);
$this->siteNodeName = $options['siteNodeName'];
* @param RequestInterface $request
* @return bool
* @throws SecurityException
public function matchRequest(RequestInterface $request): bool
if (!$request instanceof ActionRequest) {
throw new SecurityException('This pattern can only act on instances of ActionRequest', 1559747092);
$hostName = $request->getHttpRequest()->getUri()->getHost();
/** @var Domain|null $domain */
$domain = null;
try {
$this->securityContext->withoutAuthorizationChecks(function () use ($hostName, &$domain) {
$domain = $this->domainRepository->findOneByHost($hostName, true);
} catch (\Exception $e) {
throw new SecurityException(sprintf('Exception while trying to determine active host: %s', $e->getMessage()), 1559747092, $e);
if ($domain === null) {
throw new SecurityException(sprintf('No active domain could be found for the current host ("%s")', $hostName), 1559747092);
$site = $domain->getSite();
// HACK the provider is currently triggered twice - the first time doctrine is not initialized properly..
if ($site->getNodeName() === null) {
return false;
return $domain->getSite()->getNodeName() === $this->siteNodeName;

This comment has been minimized.

Copy link
Owner Author

@bwaidelich bwaidelich commented Jun 6, 2019


            provider: 'Some\Package\SomeProvider'
                pattern: 'Some\Package\SiteRequestPattern'
                  'siteNodeName': 'some-site'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment