contao · leofeyer · Aug 11, 2022 · Jul 8, 2022 · Jul 8, 2022 · Jul 8, 2022
diff --git a/core-bundle/src/EventListener/LegacyLoginConstantsListener.php b/core-bundle/src/EventListener/LegacyLoginConstantsListener.php
@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of Contao.
+ *
+ * (c) Leo Feyer
+ *
+ * @license LGPL-3.0-or-later
+ */
+
+namespace Contao\CoreBundle\EventListener;
+
+use Contao\CoreBundle\Framework\ContaoFramework;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
+
+/**
+ * @internal
+ *
+ * @deprecated Deprecated since Contao 4.9, to be removed in Contao 5.0
+ */
+class LegacyLoginConstantsListener
+{
+    /**
+     * @var ContaoFramework
+     */
+    private $framework;
+
+    public function __construct(ContaoFramework $framework)
+    {
+        $this->framework = $framework;
+    }
+
+    public function __invoke(RequestEvent $event): void
+    {
+        $this->framework->setLoginConstants();
+    }
+}
diff --git a/core-bundle/src/Framework/ContaoFramework.php b/core-bundle/src/Framework/ContaoFramework.php
@@ -96,6 +96,11 @@ class ContaoFramework implements ContaoFrameworkInterface, ContainerAwareInterfa
      */
     private $hookListeners = [];
 
+    /**
+     * @var bool
+     */
+    private $setLoginConstantsOnInit = false;
+
     public function __construct(RequestStack $requestStack, ScopeMatcher $scopeMatcher, TokenChecker $tokenChecker, Filesystem $filesystem, string $projectDir, int $errorLevel)
     {
         $this->requestStack = $requestStack;
@@ -176,6 +181,27 @@ public function getAdapter($class): Adapter
         return $this->adapterCache[$class];
     }
 
+    /**
+     * @deprecated Deprecated since Contao 4.9, to be removed in Contao 5.0
+     */
+    public function setLoginConstants(): void
+    {
+        // If the framework has not been initialized yet, set the login constants on init (#4968)
+        if (!$this->isInitialized()) {
+            $this->setLoginConstantsOnInit = true;
+
+            return;
+        }
+
+        if ('FE' === $this->getMode()) {
+            \define('BE_USER_LOGGED_IN', $this->tokenChecker->hasBackendUser() && $this->tokenChecker->isPreviewMode());
+            \define('FE_USER_LOGGED_IN', $this->tokenChecker->hasFrontendUser());
+        } else {
+            \define('BE_USER_LOGGED_IN', false);
+            \define('FE_USER_LOGGED_IN', false);
+        }
+    }
+
     /**
      * @deprecated Deprecated since Contao 4.0, to be removed in Contao 5.0
      */
@@ -194,14 +220,8 @@ private function setConstants(): void
         }
 
         // Define the login status constants (see #4099, #5279)
-        if ('FE' === $this->getMode() && ($session = $this->getSession()) && $this->request->hasPreviousSession()) {
-            $session->start();
-
-            \define('BE_USER_LOGGED_IN', $this->tokenChecker->hasBackendUser() && $this->tokenChecker->isPreviewMode());
-            \define('FE_USER_LOGGED_IN', $this->tokenChecker->hasFrontendUser());
-        } else {
-            \define('BE_USER_LOGGED_IN', false);
-            \define('FE_USER_LOGGED_IN', false);
+        if ($this->setLoginConstantsOnInit || null === $this->requestStack->getCurrentRequest()) {
+            $this->setLoginConstants();
         }
 
         // Define the relative path to the installation (see #5339)

diff --git a/core-bundle/src/Resources/config/listener.yml b/core-bundle/src/Resources/config/listener.yml
@@ -168,6 +168,14 @@ services:
         tags:
             - { name: contao.hook, hook: replaceInsertTags }
 
+    contao.listener.legacy_login_constants:
+        class: Contao\CoreBundle\EventListener\LegacyLoginConstantsListener
+        arguments:
+            - '@contao.framework'
+        tags:
+            # The priority must be lower than the one of the firewall listener (defaults to 8)
+            - { name: kernel.event_listener, priority: 7 }
+
     contao.listener.locale:
         class: Contao\CoreBundle\EventListener\LocaleSubscriber
         arguments:

diff --git a/core-bundle/tests/Framework/ContaoFrameworkTest.php b/core-bundle/tests/Framework/ContaoFrameworkTest.php
@@ -57,15 +57,13 @@ public function testInitializesTheFrameworkWithAFrontEndRequest(): void
         $this->assertTrue(\defined('TL_ROOT'));
         $this->assertTrue(\defined('TL_REFERER_ID'));
         $this->assertTrue(\defined('TL_SCRIPT'));
-        $this->assertTrue(\defined('BE_USER_LOGGED_IN'));
-        $this->assertTrue(\defined('FE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('BE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('FE_USER_LOGGED_IN'));
         $this->assertTrue(\defined('TL_PATH'));
         $this->assertSame('FE', TL_MODE);
         $this->assertSame($this->getTempDir(), TL_ROOT);
         $this->assertSame('', TL_REFERER_ID);
         $this->assertSame('index.html', TL_SCRIPT);
-        $this->assertFalse(BE_USER_LOGGED_IN);
-        $this->assertFalse(FE_USER_LOGGED_IN);
         $this->assertSame('', TL_PATH);
         $this->assertSame('en', $GLOBALS['TL_LANGUAGE']);
     }
@@ -91,15 +89,13 @@ public function testInitializesTheFrameworkWithABackEndRequest(): void
         $this->assertTrue(\defined('TL_ROOT'));
         $this->assertTrue(\defined('TL_REFERER_ID'));
         $this->assertTrue(\defined('TL_SCRIPT'));
-        $this->assertTrue(\defined('BE_USER_LOGGED_IN'));
-        $this->assertTrue(\defined('FE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('BE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('FE_USER_LOGGED_IN'));
         $this->assertTrue(\defined('TL_PATH'));
         $this->assertSame('BE', TL_MODE);
         $this->assertSame($this->getTempDir(), TL_ROOT);
         $this->assertSame('foobar', TL_REFERER_ID);
         $this->assertSame('contao/login', TL_SCRIPT);
-        $this->assertFalse(BE_USER_LOGGED_IN);
-        $this->assertFalse(FE_USER_LOGGED_IN);
         $this->assertSame('', TL_PATH);
         $this->assertSame('de', $GLOBALS['TL_LANGUAGE']);
     }
@@ -201,15 +197,13 @@ public function testInitializesTheFrameworkWithAnInsecurePath(): void
         $this->assertTrue(\defined('TL_ROOT'));
         $this->assertTrue(\defined('TL_REFERER_ID'));
         $this->assertTrue(\defined('TL_SCRIPT'));
-        $this->assertTrue(\defined('BE_USER_LOGGED_IN'));
-        $this->assertTrue(\defined('FE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('BE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('FE_USER_LOGGED_IN'));
         $this->assertTrue(\defined('TL_PATH'));
         $this->assertSame('FE', TL_MODE);
         $this->assertSame($this->getTempDir(), TL_ROOT);
         $this->assertSame('', TL_REFERER_ID);
         $this->assertSame('index.php/index.html', TL_SCRIPT);
-        $this->assertFalse(BE_USER_LOGGED_IN);
-        $this->assertFalse(FE_USER_LOGGED_IN);
         $this->assertSame('/contao4/web', TL_PATH);
     }
 
@@ -232,22 +226,80 @@ public function testInitializesTheFrameworkWithoutAScope(): void
         $this->assertTrue(\defined('TL_ROOT'));
         $this->assertTrue(\defined('TL_REFERER_ID'));
         $this->assertTrue(\defined('TL_SCRIPT'));
-        $this->assertTrue(\defined('BE_USER_LOGGED_IN'));
-        $this->assertTrue(\defined('FE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('BE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('FE_USER_LOGGED_IN'));
         $this->assertTrue(\defined('TL_PATH'));
         $this->assertNull(TL_MODE);
         $this->assertSame($this->getTempDir(), TL_ROOT);
         $this->assertSame('foobar', TL_REFERER_ID);
         $this->assertSame('contao/login', TL_SCRIPT);
+        $this->assertSame('', TL_PATH);
+    }
+
+    /**
+     * @runInSeparateProcess
+     * @preserveGlobalState disabled
+     */
+    public function testDoesNotSetTheLoginConstantsOnInit(): void
+    {
+        $request = Request::create('/index.html');
+        $request->attributes->set('_route', 'dummy');
+        $request->attributes->set('_scope', 'frontend');
+
+        $framework = $this->mockFramework($request);
+        $framework->setContainer($this->getContainerWithContaoConfiguration());
+        $framework->initialize();
+
+        $this->assertFalse(\defined('BE_USER_LOGGED_IN'));
+        $this->assertFalse(\defined('FE_USER_LOGGED_IN'));
+    }
+
+    /**
+     * @runInSeparateProcess
+     * @preserveGlobalState disabled
+     */
+    public function testSetsTheLoginConstantsOnInitIfEnabled(): void
+    {
+        $request = Request::create('/index.html');
+        $request->attributes->set('_route', 'dummy');
+        $request->attributes->set('_scope', 'frontend');
+
+        $framework = $this->mockFramework($request);
+        $framework->setContainer($this->getContainerWithContaoConfiguration());
+
+        // Call setLoginConstants before initialize
+        $framework->setLoginConstants();
+
+        $framework->initialize();
+
+        $this->assertTrue(\defined('BE_USER_LOGGED_IN'));
+        $this->assertTrue(\defined('FE_USER_LOGGED_IN'));
         $this->assertFalse(BE_USER_LOGGED_IN);
         $this->assertFalse(FE_USER_LOGGED_IN);
-        $this->assertSame('', TL_PATH);
     }
 
     /**
      * @runInSeparateProcess
      * @preserveGlobalState disabled
      */
+    public function testSetsTheLoginConstantsOnInitIfThereIsNoRequest(): void
+    {
+        $framework = $this->mockFramework();
+        $framework->setContainer($this->getContainerWithContaoConfiguration());
+        $framework->initialize();
+
+        $this->assertTrue(\defined('BE_USER_LOGGED_IN'));
+        $this->assertTrue(\defined('FE_USER_LOGGED_IN'));
+        $this->assertFalse(BE_USER_LOGGED_IN);
+        $this->assertFalse(FE_USER_LOGGED_IN);
+    }
+
+    /**
+     * @runInSeparateProcess
+     * @preserveGlobalState disabled
+     * @group legacy
+     * @expectedDeprecation Using $_SESSION has been deprecated and will no longer work in Contao 5.0. Use the Symfony session instead.
+     */
     public function testInitializesTheFrameworkInPreviewMode(): void
     {
         $beBag = new ArrayAttributeBag();
@@ -289,6 +341,7 @@ public function testInitializesTheFrameworkInPreviewMode(): void
         $framework = $this->mockFramework($request, null, $tokenChecker);
         $framework->setContainer($this->getContainerWithContaoConfiguration());
         $framework->initialize();
+        $framework->setLoginConstants();
 
         $this->assertTrue(\defined('TL_MODE'));
         $this->assertTrue(\defined('TL_START'));
@@ -318,13 +371,13 @@ public function testDoesNotInitializeTheFrameworkTwice(): void
     {
         $scopeMatcher = $this->createMock(ScopeMatcher::class);
         $scopeMatcher
-            ->expects($this->exactly(2))
+            ->expects($this->exactly(1))
             ->method('isBackendRequest')
             ->willReturn(false)
         ;
 
         $scopeMatcher
-            ->expects($this->exactly(2))
+            ->expects($this->exactly(1))
             ->method('isFrontendRequest')
             ->willReturn(false)
         ;