sgalinski/sg-account

sgalinski Account - Extends Website user functionalities.

Maintainers

Details

gitlab.sgalinski.de/typo3/sg_account.git

Homepage

Issues

Installs: 0

Dependents: 0

Suggesters: 2

Security: 0

Type:typo3-cms-extension

11.0.10 2025-07-15 18:32 UTC

Requires

Suggests

  • sgalinski/project-base: Allows to use the countries inside of the Fluid templates.

Replaces

  • sgalinski/sg_account: 11.0.10

GPL-2.0-or-later 9e1884078f0642cc297a0a21cf85dcd9f6023c61

This package is not auto-updated.

Last update: 2025-07-19 09:45:54 UTC

README

License: GNU GPL, Version 2

Repository: https://gitlab.sgalinski.de/typo3/sg_account

Please report bugs here: https://gitlab.sgalinski.de/typo3/sg_account

About

This extension provides various frontend user functionalities for a TYPO3 installation.

Features:

  • Frontend User registration
  • Double Opt-in registration
  • Frontend User account overview
  • Frontend User profile editing
  • Avatar image upload
  • Gravatar integration
  • Frontend avatar image crop
  • Multiple email addresses with double opt-in validation
  • Frontend user login (with any email address saved for each user)
  • Facebook account login
  • Azure account login
  • Google account login
  • Auto login after Registration
  • Password recovery
  • FE user group mapping with OAuth login provider
  • update FE user group for OAuth login on login/register
  • Works with the TYPO3 password policies
  • Random password generation with respect to the defined policies (for FE and BE users)
  • FE 'Login As' feature for BE admin or editor
  • Backend Module for FE user management
  • Model Extensibility (with custom extension)

Integration

  • The TypoScript configuration ("SgAccount - Configuration") has to be included into your TypoScript template.

  • Add a new configuration for each site root with the FrontendUser backend module and adapt all settings of it. All the options are explained after the creation of the new configuration

  • Now you should create a new cron job within the scheduler backend module. This will check the consistence of the user data and prevent errors.

    • Class: Extbase CommandController Task
    • Type: Recurring
    • Frequency: Once a day
    • CommandController Command: SgConsistence CheckConsistence: checkConsistenceForDomainModel

  • After saving, you need to add arguments to the cron job. They will appear in the bottom.

    • domainNamespace: SGalinski\SgAccount\Domain\
    • domainModel: FrontendUser

Password Policies

The password policies can be configured just like any other TYPO3 password policy. Just add the policies for the extension as sg_account in your additional.php like this:

$GLOBALS['TYPO3_CONF_VARS']['SYS']['passwordPolicies'] = [
  'sg_account' => [
    'validators' => [
      \SGalinski\SgAccount\PasswordPolicy\Validator\PasswordValidator::class => [
        'options' => [
          'minLength' => 10,
          'minUppercaseLetters' => 1,
          'minLowercaseLetters' => 1,
          'minNumbers' => 1,
          'minSpecialCharacters' => 0,
          'acceptSpecialCharacters' => '!#$%&()*+,-./:;<=>?@[\]^_{|}~'
        ]
      ]
    ]
  ]
];
$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordPolicy'] = 'sg_account';

Backend Module

The Backend module is found in the WEB section under the name Frontend Users

You can create a new frontend user by clicking on the New Website User button.

Edit
Disable/Enable
Delete
Show further information
Show history
Create a new user on this page
.... Expand/Collapse the options menu
Login with this user

Automated Email Messages

The extension uses sg_mail to configure email templates for the following email messages:

register_admin - sent to the specified Administrator address(es) after a new user registration.
register_user - sent to the registered user's address after registration or after email confirmation
                if 'enableEmailConfirmation' is set.
confirm_user - sent to the registered user's address after registration if 'enableEmailConfirmation' is set.
               It contains the email confirmation link.
confirm_email - sent if 'enableEmailConfirmation' is set, to an unconfirmed email address after a login atempt or
                if the user edits his email addresses. It contains the email confirmation link.
notify_admin - sent to the Administrator if a user record is pending removal for inactivity.
notify_user - sent to a user if his/her account is pending removal for inactivity.
deactivate_admin - sent to the Administrator if a user record was removed for inactivity.
deactivate_user - sent to a user if his/her account was removed for inactivity.

For more information about registering and configuring email templates please refer to the sg_mail documentation.

Rendering a profile image

sg_account comes with a viewhelper, that enables you to display a frontend users profile image inside a fluid template.

It takes the following arguments:

  • userUid: the uid of the user
  • width: the width of the image
  • height: the height of the image
  • defaultImageUri: path to a fallback/default image if no user profile image is set

Example usage:

{namespace sgAccount=SGalinski\sgAccount\ViewHelpers}
<sgAccount:getProfileImage userUid="100" width="20" height="20"/>

Redirect to the login for protected pages

Set up an error handler for HTTP code 403 that renders the login page. That's all!

Redirect to a page after login

If you set a link to a protected page, the user will be redirected to the login form if not currently logged in. By providing a URL via the redirect parameter, you can control the page the user will be redirected to after a successful login. It might be possible to adjust the redirect priority in order for the query parameter to work!

See the following examples where you want to redirect to `https://foobar.com/protected```.

From a link

Link to the login page with the escaped redirect URL as a querystring param.

Hint: if you generate the link via JavaScript, use the decodeURIComponent() function to escape the URL in the query string.

<a href="https://foobar.com/login?redirect=https%3A//foobar.com/protected">Login</a>

From inside the login form

See the following examples where you want to redirect to `https://foobar.com/protected```.

From a link

Link to the login page with the escaped redirect URL as a querystring param.

Hint: if you generate the link via JavaScript, use the decodeURIComponent() function to escape the URL in the query string.

<a href="https://foobar.com/login?redirect=https%3A//foobar.com/protected">Login</a>

From inside the login form

Include the following hidden input (or set the value if it's already included).

Note that the value has to contain the pathname and not the full URI.

<input type="hidden" name="redirect" value="/protected">

Event List

  • AfterCreateRedirectEvent : The PSR-14 event \SGalinski\SgAccount\Event\AfterCreateRedirectEvent is fired after a redirect in create action is created.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • getRequest() : get the current request
      • returns: \TYPO3\CMS\Extbase\Mvc\Request
    • getUriBuilder() : get the Extbase UriBuilder
      • returns: \TYPO3\CMS\Extbase\Mvc\Web\Routing\UriBuilder
  • AfterLoginEvent : The PSR-14 event \SGalinski\SgAccount\Event\AfterLoginEvent is fired upon login and before the redirect.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • getConfiguration() : get the current configuration
      • returns: \SGalinski\SgAccount\AccountConfiguration\AbstractConfiguration
    • getRedirectUrl() : get the redirect uri
      • returns: string
    • setRedirectUrl(string $redirectUrl) : set the redirect uri
      • param $redirectUrl: the redirect uri to set
      • returns: void
    • getFlashMessages() : get the flash messages
      • returns: \TYPO3\CMS\Extbase\Persistence\ObjectStorage
    • setFlashMessages(\TYPO3\CMS\Extbase\Persistence\ObjectStorage $flashMessages) : set the flash messages
      • param $flashMessages: the flash messages to set
      • returns: \TYPO3\CMS\Extbase\Persistence\ObjectStorage
    • hasFlashMessages() : checks whether there are any flash messages exists
      • returns: bool
  • AfterResetPasswordEvent : The PSR-14 event \SGalinski\SgAccount\Event\AfterResetPasswordEvent is fired upon updating user password.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • getSettings() : get the current settings
      • returns: array
    • getRedirectUrl() : get the redirect uri
      • returns: string
    • setRedirectUrl(string $redirectUrl) : set the redirect uri
      • param $redirectUrl: the redirect uri to set
      • returns: void
  • AfterWriteAndConsistDTOEvent : The PSR-14 event \SGalinski\SgAccount\Event\AfterWriteAndConsistDTOEvent is fired upon updating the given user data and before redirect.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • getSettings() : get the current settings
      • returns: array
    • getRedirectUrl() : get the redirect uri
      • returns: string
    • setRedirectUrl(string $redirectUrl) : set the redirect uri
      • param $redirectUrl: the redirect uri to set
      • returns: void
    • getFlashMessages() : get the flash messages
      • returns: \TYPO3\CMS\Extbase\Persistence\ObjectStorage
    • setFlashMessages(\TYPO3\CMS\Extbase\Persistence\ObjectStorage $flashMessages) : set the flash messages
      • param $flashMessages: the flash messages to set
      • returns: \TYPO3\CMS\Extbase\Persistence\ObjectStorage
    • hasFlashMessages() : checks whether there are any flash messages exists
      • returns: bool
  • BeforeConfirmUserEmailEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeConfirmUserEmailEvent is fired before confirming the email address of the given user.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • getService() : get the frontend user service
      • returns: \SGalinski\SgAccount\Domain\Service\FrontendUserService
  • BeforeCreateUserEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeCreateUserEvent is fired before creating the given user.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • setUser(\SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO $user) : set the user DTO
      • param $user: the current user DTO to set
      • returns: void
  • BeforeRenderEditFormEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeRenderEditFormEvent is fired before rendering the edit user form.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • setUser(\SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO $user) : set the user DTO
      • param $user: the current user DTO to set
      • returns: void
    • getView() : get the edit action view interface
      • returns: \TYPO3Fluid\Fluid\View\ViewInterface
    • viewAssign(string $name, mixed $var) : assign variables to the view
      • param $name: the name of variable in the view
      • param $user: the value of variable in the view
      • returns: void
    • getAll(s) : get all Variables to be returned
      • returns: array
  • BeforeRenderNewFormEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeRenderNewFormEvent is fired before rendering the register form.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • setUser(\SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO $user) : set the user DTO
      • param $user: the current user DTO to set
      • returns: void
    • getView() : get the register action view interface
      • returns: \TYPO3Fluid\Fluid\View\ViewInterface
    • viewAssign(string $name, mixed $var) : assign variables to the view
      • param $name: the name of variable in the view
      • param $user: the value of variable in the view
      • returns: void
    • getAll(s) : get all Variables to be returned
      • returns: array
  • BeforeRenderPasswordForgotEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeRenderPasswordForgotEvent is fired before rendering the forget password form.
    API:
    • getView() : get the forget password action view interface
      • returns: \TYPO3Fluid\Fluid\View\ViewInterface
    • getSettings() : get the current settings
      • returns: array
  • BeforeRenderResetPasswordEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeRenderResetPasswordEvent is fired before rendering the reset password form.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • getView() : get the forget password action view interface
      • returns: \TYPO3Fluid\Fluid\View\ViewInterface
    • getSettings() : get the current settings
      • returns: array
  • BeforeRenderShowLoginEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeRenderShowLoginEvent is fired before rendering the login form.
    API:
    • getView() : get the forget password action view interface
      • returns: \TYPO3Fluid\Fluid\View\ViewInterface
    • getSettings() : get the current settings
      • returns: array
  • BeforeResetPasswordEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeResetPasswordEvent is fired before resetting the password for the given user.
    API:
    • getView() : get the forget password action view interface
      • returns: \TYPO3Fluid\Fluid\View\ViewInterface
    • getSettings() : get the current settings
      • returns: array
  • BeforeSaveUserEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeSaveUserEvent is fired before saving the data the given user.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • setUser(\SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO $user) : set the user DTO
      • param $user: the current user DTO to set
      • returns: void
  • BeforeSendCreateUserMailsEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeSaveUserEvent is fired before sending an email for the newly created user
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO
    • setUser(\SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO $user) : set the user DTO
      • param $user: the current user DTO to set
      • returns: void
  • BeforeWriteAndConsistDTOEvent : The PSR-14 event \SGalinski\SgAccount\Event\BeforeSaveUserEvent is fired before updating the given user data and before redirect.
    API:
    • getUser() : get the current user DTO
      • returns: \SGalinski\SgAccount\AccountConfiguration\FrontendUser\AbstractFrontendUserDTO