
Commit c120893

committed
SessionStorage: used new sessionSection API to not start the session unless needed
1 parent a78bbb9 commit c120893


2 files changed

+31
-35
lines changed


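--- a/composer.json
+++ b/composer.json
@@ -26,7 +26,8 @@
 "phpstan/phpstan-nette": "^0.12"
 },
 "conflict": {
-"nette/di": "<3.0-stable"
+"nette/di": "<3.0-stable",
+"nette/http": "<3.1.3"
 },
 "autoload": {
 "classmap": ["src/"]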

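--- a/src/Bridges/SecurityHttp/SessionStorage.php
+++ b/src/Bridges/SecurityHttp/SessionStorage.php
@@ -40,11 +40,11 @@ public function __construct(Session $sessionHandler)
 
 public function saveAuthentication(IIdentity $identity): void
 {
-$section = $this->getSessionSection(true);
-$section->authenticated = true;
-$section->reason = null;
-$section->authTime = time(); // informative value
-$section->identity = $identity;
+$section = $this->getSessionSection();
+$section->set('authenticated', true);
+$section->set('reason', null);
+$section->set('authTime', time()); // informative value
+$section->set('identity', $identity);
 
 // Session Fixation defence
 $this->sessionHandler->regenerateId();
@@ -53,12 +53,12 @@ public function saveAuthentication(IIdentity $identity): void
 
 public function clearAuthentication(bool $clearIdentity): void
 {
-$section = $this->getSessionSection(true);
-$section->authenticated = false;
-$section->reason = self::LOGOUT_MANUAL;
-$section->authTime = null;
+$section = $this->getSessionSection();
+$section->set('authenticated', false);
+$section->set('reason', self::LOGOUT_MANUAL);
+$section->set('authTime', null);
 if ($clearIdentity === true) {
-$section->identity = null;
+$section->set('identity', null);
 }
 
 // Session Fixation defence
@@ -68,26 +68,25 @@ public function clearAuthentication(bool $clearIdentity): void
 
 public function getState(): array
 {
-$session = $this->getSessionSection(false);
-return $session
-? [(bool) $session->authenticated, $session->identity, $session->reason]
+$section = $this->getSessionSection();
+return $section
+? [(bool) $section->get('authenticated'), $section->get('identity'), $section->get('reason')]
 : [false, null, null];
 }
 
 
 public function setExpiration(?string $time, bool $clearIdentity = false): void
 {
-$section = $this->getSessionSection(true);
+$section = $this->getSessionSection();
 if ($time) {
 $time = Nette\Utils\DateTime::from($time)->format('U');
-$section->expireTime = $time;
-$section->expireDelta = $time - time();
-
+$section->set('expireTime', $time);
+$section->set('expireDelta', $time - time());
 } else {
-unset($section->expireTime, $section->expireDelta);
+$section->remove(['expireTime', 'expireDelta']);
 }
 
-$section->expireIdentity = (bool) $clearIdentity;
+$section->set('expireIdentity', (bool) $clearIdentity);
 $section->setExpiration($time, 'foo'); // time check
 }
 
@@ -118,35 +117,31 @@ public function getNamespace(): string
 /**
 * Returns and initializes $this->sessionSection.
 */
-protected function getSessionSection(bool $need): ?SessionSection
+protected function getSessionSection(): ?SessionSection
 {
 if ($this->sessionSection !== null) {
 return $this->sessionSection;
 }
 
-if (!$need && !$this->sessionHandler->exists()) {
-return null;
-}
-
 $this->sessionSection = $section = $this->sessionHandler->getSection('Nette.Http.UserStorage/' . $this->namespace);
 
-if (!$section->identity instanceof IIdentity || !is_bool($section->authenticated)) {
+if (!$section->get('identity') instanceof IIdentity || !is_bool($section->get('authenticated'))) {
 $section->remove();
 }
 
-if ($section->authenticated && $section->expireDelta > 0) { // check time expiration
-if ($section->expireTime < time()) {
-$section->reason = self::LOGOUT_INACTIVITY;
-$section->authenticated = false;
-if ($section->expireIdentity) {
-unset($section->identity);
+if ($section->get('authenticated') && $section->get('expireDelta') > 0) { // check time expiration
+if ($section->get('expireTime') < time()) {
+$section->set('reason', self::LOGOUT_INACTIVITY);
+$section->set('authenticated', false);
+if ($section->get('expireIdentity')) {
+$section->remove('identity');
 }
 }
-$section->expireTime = time() + $section->expireDelta; // sliding expiration
+$section->set('expireTime', time() + $section->expireDelta); // sliding expiration
 }
 
-if (!$section->authenticated) {
-unset($section->expireTime, $section->expireDelta, $section->expireIdentity, $section->authTime);
+if (!$section->get('authenticated')) {
+$section->remove(['expireTime', 'expireDelta', 'expireIdentity', 'authTime']);
 }
 
 return $this->sessionSection;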
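Review bot: In the last hunk the sliding-expiration line still reads `$section->expireDelta` through the magic property, while every other access in getSessionSection() now goes through `get()`/`set()`. If the magic accessor still forces a session start, which the commit title suggests the old API does, this is the one read of login-expiry state that keeps the old behaviour; I would write `$section->set('expireTime', time() + $section->get('expireDelta'));`. getSessionSection() also no longer has a visible path that returns null, so the `?SessionSection` return type and the `: [false, null, null]` fallback in getState() look dead. Either drop the nullability, or extend the docblock to say the section is always returned and that a visitor without a session is expected to read as unauthenticated because `get()` yields null (worth confirming against nette/http 3.1.3). The body of getSessionSection() ends outside the hunk.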
