Typo3 / Extbase backend / frontend user manual login

ext_localconf.php

<?php
\TYPO3\CMS\Extbase\Utility\ExtensionUtility::configurePlugin(
    'MyVendor.' . $_EXTKEY,
    'my_plugin',
    array(
        // My is MyController. myLogin is the action
        'My' => 'myLogin',
    ),
    array()
);

http post request

// this is how form field names should be. extension and plugin name included.
tx_myext_my_plugin[username]
tx_myext_my_plugin[password]

MyController.php

<?php
class MyController extends ActionController
{
    // ...

    /**
     * @var \TYPO3\CMS\Extbase\Mvc\View\JsonView
     */
    protected $view;

    /**
     * @var string
     */
    protected $defaultViewObjectName = JsonView::class;

    /**
     * $saltedPasswordService
     *
     * @var \TYPO3\CMS\Saltedpasswords\SaltedPasswordService
     * @inject
     */
    protected $saltedPasswordService = null;

    /**
     * $responseMessage
     * @var array
     */
    private $responseMessage = [];

    function initializeAction()
    {
        parent::initializeAction();
        $this->responseMessage['status'] = 'ERROR';
        $this->responseMessage['messages'] = [];
    }

    /**
     * my login action
     * @return string
     */
    public function myLoginAction()
    {
        if ($this->isUserValid()) {
            $this->responseMessage['status'] = 'SUCCESS';
        }

        $this->view->assign('value', $this->responseMessage);
        return $this->view->render();
    }

    /**
     * @return bool
     * @internal param array $responseMessage
     */
    private function isUserValid()
    {
        try {
            $username = $this->request->getArgument('username');
            $password = $this->request->getArgument('password');
        } catch (NoSuchArgumentException $ex) {
            $this->responseMessage['messages'][] = $ex->getMessage();
            return false;
        }

        $loginData=array(
            'uname' => $username,
            'uident_text'=> $password,
            'status' =>'login'
        );

        // $userAuth = $this->objectManager->get(FrontendUserAuthentication::class);
        $userAuth = $this->objectManager->get(BackendUserAuthentication::class);

        $userAuth->checkPid = false;
        $info = $userAuth->getAuthInfoArray();
        $user = $userAuth->fetchUserRecord($info['db_user'], $loginData['uname']);

        if (!$user) {
            $this->responseMessage['messages'][] = 'Invalid user';
            return $user;
        }

        $isValidLoginData = $this->saltedPasswordService->compareUident($user, $loginData);

        if (!$isValidLoginData) {
            $this->responseMessage['messages'][] = 'Invalid password';
            return $isValidLoginData;
        }

        return $isValidLoginData;
    }

    // ...
}

RealurlConfiguration.php

<?php
'preVars' => array(
      0 => array(
          'GETvar' => 'type',
          'valueMap' => array(
              // mysite.com/requestpath
              'requestpath' => 1452982642,
          ),
          'noMatch' => 'bypass',
      )
)

reference_file.php

<?php
// https://typo3.org/documentation/snippets/sd/227/

$loginData = array(
    'uname' => 'johndoe', //usernmae
    'uident_text'=> 'mypassword', //password
    'status' =>'login'
);
 
//do not use a particular pid
$GLOBALS['TSFE']->fe_user->checkPid = false;

$info = $GLOBALS['TSFE']->fe_user->getAuthInfoArray();
$user = $GLOBALS['TSFE']->fe_user->fetchUserRecord($info['db_user'] ,$loginData['uname']);

$ok = $GLOBALS['TSFE']->fe_user->compareUident($user, $loginData);
if ($ok) {
  //login successfull
  $GLOBALS['TSFE']->fe_user->createUserSession($user);
} else {
  //login failed
}

setup.txt

# https://usetypo3.com/json-view.html

api_tag = PAGE
api_tag {
	config {
		disableAllHeaderCode = 1
		debug = 0
		no_cache = 1
	}
	typeNum = 1452982642
	10 < tt_content.list.20.myext_my_plugin
}