Typo3: show login page for protected pages when user not is logged in
The problem: If you have pages which are only accessible for certain FE user groups, some of your users may bookmark these protected pages and return when they are not logged in (or you may send the URLs in a newsletter, etc.). Typo3 handles this case as a “404 Page not found” situation (I don’t know why they think 401/403 and 404 are the same, but I can’t change it).
So if you want to show a login form in this case, but a 404 error page if the page is “really” not there, you have to write a user-defined page-not-found-handling function. I have put it into fileadmin/404.php:
function pageNotFound($param, $ref) {
if (count($param["pageAccessFailureReasons"]["fe_group"])) {
header("HTTP/1.0 403 Forbidden");
$url = LOGIN_URL."?redirect_url=".$param["currentUrl"];
} else
$url = NOTFOUND_URL;
print file_get_contents($url);
}
}
Then set this in your typo3conf/localconf.php:
$TYPO3_CONF_VARS['FE']['pageNotFound_handling'] = 'USER_FUNCTION:fileadmin/404.php:user_pageNotFound->pageNotFound';
Put a felogin content element onto the login page (here: login.0.html) and set the redirect options like to: login,loginGroup,getpost
So, what happens if the user goes to a protected page when (s)he is not logged in?
- Typo3 detects that the page is not accessible and calls our page not found handler.
- The handler detects that it is not a real 404 error but the page is proected and redirects to login.0.html?redirect_url=<original url>
- The user logs on.
- Because getpost is set as a redirect option, the user comes back to <original url>.
Important hint: It took me hours to find out that the redirect options don’t work if the login page has front end user group privileges set. It seems to work only if it’s on a public page.
Also make sure that the LOGIN_URL is found on the system, or you will have a recursive loop calling the 404 page.