MediaWiki
1.27.0
|
Manages data for an an authenticated session. More...
Public Member Functions | |
__construct (SessionBackend $backend, $index, LoggerInterface $logger) | |
__destruct () | |
canSetUser () | |
Indicate whether the session user info can be changed. More... | |
clear () | |
Delete all session data and clear the user (if possible) More... | |
delaySave () | |
Delay automatic saving while multiple updates are being made. More... | |
exists ($key) | |
Test if a value exists in the session. More... | |
get ($key, $default=null) | |
Fetch a value from the session. More... | |
getAllowedUserRights () | |
Fetch the rights allowed the user when this session is active. More... | |
getId () | |
Returns the session ID. More... | |
getLoggedOutTimestamp () | |
Fetch the "logged out" timestamp. More... | |
getProvider () | |
Fetch the SessionProvider for this session. More... | |
getProviderMetadata () | |
Fetch provider metadata. More... | |
getRequest () | |
Returns the request associated with this session. More... | |
getSecret ($key, $default=null) | |
Fetch a value from the session that was set with self::setSecret() More... | |
getSessionId () | |
Returns the SessionId object. More... | |
getToken ($salt= '', $key= 'default') | |
Fetch a CSRF token from the session. More... | |
getUser () | |
Returns the authenticated user for this session. More... | |
isPersistent () | |
Indicate whether this session is persisted across requests. More... | |
persist () | |
Make this session persisted across requests. More... | |
remove ($key) | |
Remove a value from the session. More... | |
renew () | |
Renew the session. More... | |
resetAllTokens () | |
Remove all CSRF tokens from the session. More... | |
resetId () | |
Changes the session ID. More... | |
resetToken ($key= 'default') | |
Remove a CSRF token from the session. More... | |
save () | |
Save the session. More... | |
sessionWithRequest (WebRequest $request) | |
Fetch a copy of this session attached to an alternative WebRequest. More... | |
set ($key, $value) | |
Set a value in the session. More... | |
setForceHTTPS ($force) | |
Set whether HTTPS should be forced. More... | |
setLoggedOutTimestamp ($ts) | |
Set the "logged out" timestamp. More... | |
setRememberUser ($remember) | |
Set whether the user should be remembered independently of the session ID. More... | |
setSecret ($key, $value) | |
Set a value in the session, encrypted. More... | |
setUser ($user) | |
Set a new user for this session. More... | |
shouldForceHTTPS () | |
Whether HTTPS should be forced. More... | |
shouldRememberUser () | |
Indicate whether the user should be remembered independently of the session ID. More... | |
suggestLoginUsername () | |
Get a suggested username for the login form. More... | |
unpersist () | |
Make this session not be persisted across requests. More... | |
Interface methods | |
count () | |
current () | |
key () | |
next () | |
rewind () | |
valid () | |
offsetExists ($offset) | |
& | offsetGet ($offset) |
offsetSet ($offset, $value) | |
offsetUnset ($offset) | |
Private Member Functions | |
getSecretKeys () | |
Fetch the secret keys for self::setSecret() and self::getSecret(). More... | |
Private Attributes | |
SessionBackend | $backend |
Session backend. More... | |
int | $index |
Session index. More... | |
LoggerInterface | $logger |
Manages data for an an authenticated session.
A Session represents the fact that the current HTTP request is part of a session. There are two broad types of Sessions, based on whether they return true or false from self::canSetUser():
The Session object also serves as a replacement for PHP's $_SESSION, managing access to per-session data.
Definition at line 48 of file Session.php.
MediaWiki\Session\Session::__construct | ( | SessionBackend | $backend, |
$index, | |||
LoggerInterface | $logger | ||
) |
SessionBackend | $backend | |
int | $index | |
LoggerInterface | $logger |
Definition at line 63 of file Session.php.
References MediaWiki\Session\Session\$backend, MediaWiki\Session\Session\$index, and MediaWiki\Session\Session\$logger.
MediaWiki\Session\Session::__destruct | ( | ) |
Definition at line 69 of file Session.php.
MediaWiki\Session\Session::canSetUser | ( | ) |
Indicate whether the session user info can be changed.
Definition at line 180 of file Session.php.
MediaWiki\Session\Session::clear | ( | ) |
Delete all session data and clear the user (if possible)
Definition at line 247 of file Session.php.
MediaWiki\Session\Session::count | ( | ) |
Definition at line 555 of file Session.php.
Referenced by MediaWiki\Session\Session\getSecret().
MediaWiki\Session\Session::current | ( | ) |
Definition at line 560 of file Session.php.
MediaWiki\Session\Session::delaySave | ( | ) |
Delay automatic saving while multiple updates are being made.
Calls to save() or clear() will not be delayed.
Definition at line 539 of file Session.php.
MediaWiki\Session\Session::exists | ( | $key | ) |
Test if a value exists in the session.
string | int | $key |
Definition at line 300 of file Session.php.
References $key.
MediaWiki\Session\Session::get | ( | $key, | |
$default = null |
|||
) |
Fetch a value from the session.
string | int | $key | |
mixed | $default | Returned if $this->exists( $key ) would be false |
Definition at line 289 of file Session.php.
References $key.
MediaWiki\Session\Session::getAllowedUserRights | ( | ) |
Fetch the rights allowed the user when this session is active.
Definition at line 172 of file Session.php.
MediaWiki\Session\Session::getId | ( | ) |
MediaWiki\Session\Session::getLoggedOutTimestamp | ( | ) |
MediaWiki\Session\Session::getProvider | ( | ) |
Fetch the SessionProvider for this session.
Definition at line 102 of file Session.php.
MediaWiki\Session\Session::getProviderMetadata | ( | ) |
Fetch provider metadata.
Definition at line 240 of file Session.php.
MediaWiki\Session\Session::getRequest | ( | ) |
Returns the request associated with this session.
Definition at line 156 of file Session.php.
MediaWiki\Session\Session::getSecret | ( | $key, | |
$default = null |
|||
) |
Fetch a value from the session that was set with self::setSecret()
string | int | $key | |
mixed | $default | Returned if $this->exists( $key ) would be false or decryption fails |
Definition at line 461 of file Session.php.
References $key, $serialized, $value, MediaWiki\Session\Session\count(), MediaWiki\Session\Session\getSecretKeys(), global, list, serialize(), and unserialize().
|
private |
Fetch the secret keys for self::setSecret() and self::getSecret().
Definition at line 386 of file Session.php.
References MWCryptRand\generateHex(), global, and MediaWiki\Session\Session\set().
Referenced by MediaWiki\Session\Session\getSecret(), and MediaWiki\Session\Session\setSecret().
MediaWiki\Session\Session::getSessionId | ( | ) |
Returns the SessionId object.
Definition at line 86 of file Session.php.
MediaWiki\Session\Session::getToken | ( | $salt = '' , |
|
$key = 'default' |
|||
) |
Fetch a CSRF token from the session.
Note that this does not persist the session, which you'll probably want to do if you want the token to actually be useful.
Definition at line 340 of file Session.php.
References $key, MWCryptRand\generateHex(), and MediaWiki\Session\Session\set().
MediaWiki\Session\Session::getUser | ( | ) |
Returns the authenticated user for this session.
Definition at line 164 of file Session.php.
MediaWiki\Session\Session::isPersistent | ( | ) |
Indicate whether this session is persisted across requests.
For example, if cookies are set.
Definition at line 113 of file Session.php.
MediaWiki\Session\Session::key | ( | ) |
Definition at line 565 of file Session.php.
Referenced by MediaWiki\Session\Session\valid().
MediaWiki\Session\Session::next | ( | ) |
Definition at line 570 of file Session.php.
MediaWiki\Session\Session::offsetExists | ( | $offset | ) |
Definition at line 589 of file Session.php.
& MediaWiki\Session\Session::offsetGet | ( | $offset | ) |
Definition at line 601 of file Session.php.
MediaWiki\Session\Session::offsetSet | ( | $offset, | |
$value | |||
) |
Definition at line 610 of file Session.php.
References $value, and MediaWiki\Session\Session\set().
MediaWiki\Session\Session::offsetUnset | ( | $offset | ) |
Definition at line 614 of file Session.php.
MediaWiki\Session\Session::persist | ( | ) |
Make this session persisted across requests.
If the session is already persistent, equivalent to calling $this->renew().
Definition at line 123 of file Session.php.
MediaWiki\Session\Session::remove | ( | $key | ) |
Remove a value from the session.
string | int | $key |
Definition at line 322 of file Session.php.
References $key.
MediaWiki\Session\Session::renew | ( | ) |
Renew the session.
Resets the TTL in the backend store if the session is near expiring, and re-persists the session to any active WebRequests if persistent.
Definition at line 265 of file Session.php.
MediaWiki\Session\Session::resetAllTokens | ( | ) |
Remove all CSRF tokens from the session.
Definition at line 378 of file Session.php.
MediaWiki\Session\Session::resetId | ( | ) |
Changes the session ID.
Definition at line 94 of file Session.php.
MediaWiki\Session\Session::resetToken | ( | $key = 'default' | ) |
Remove a CSRF token from the session.
The next call to self::getToken() with $key will generate a new secret.
string | $key | Token key |
Definition at line 367 of file Session.php.
References $key, and MediaWiki\Session\Session\set().
MediaWiki\Session\Session::rewind | ( | ) |
Definition at line 575 of file Session.php.
MediaWiki\Session\Session::save | ( | ) |
Save the session.
Definition at line 546 of file Session.php.
MediaWiki\Session\Session::sessionWithRequest | ( | WebRequest | $request | ) |
Fetch a copy of this session attached to an alternative WebRequest.
Actions on the copy will affect this session too, and vice versa.
WebRequest | $request | Any existing session associated with this WebRequest object will be overwritten. |
Definition at line 278 of file Session.php.
References WebRequest\setSessionId().
MediaWiki\Session\Session::set | ( | $key, | |
$value | |||
) |
Set a value in the session.
string | int | $key | |
mixed | $value |
Definition at line 310 of file Session.php.
Referenced by MediaWiki\Session\Session\getSecretKeys(), MediaWiki\Session\Session\getToken(), MediaWiki\Session\Session\offsetSet(), MediaWiki\Session\Session\resetToken(), and MediaWiki\Session\Session\setSecret().
MediaWiki\Session\Session::setForceHTTPS | ( | $force | ) |
Set whether HTTPS should be forced.
bool | $force |
Definition at line 215 of file Session.php.
MediaWiki\Session\Session::setLoggedOutTimestamp | ( | $ts | ) |
MediaWiki\Session\Session::setRememberUser | ( | $remember | ) |
Set whether the user should be remembered independently of the session ID.
bool | $remember |
Definition at line 148 of file Session.php.
MediaWiki\Session\Session::setSecret | ( | $key, | |
$value | |||
) |
Set a value in the session, encrypted.
This relies on the secrecy of $wgSecretKey (by default), or $wgSessionSecret.
string | int | $key | |
mixed | $value |
Definition at line 411 of file Session.php.
References $key, $serialized, $value, MWCryptRand\generate(), MediaWiki\Session\Session\getSecretKeys(), global, list, serialize(), and MediaWiki\Session\Session\set().
MediaWiki\Session\Session::setUser | ( | $user | ) |
MediaWiki\Session\Session::shouldForceHTTPS | ( | ) |
MediaWiki\Session\Session::shouldRememberUser | ( | ) |
Indicate whether the user should be remembered independently of the session ID.
Definition at line 139 of file Session.php.
MediaWiki\Session\Session::suggestLoginUsername | ( | ) |
Get a suggested username for the login form.
Definition at line 199 of file Session.php.
MediaWiki\Session\Session::unpersist | ( | ) |
Make this session not be persisted across requests.
Definition at line 130 of file Session.php.
MediaWiki\Session\Session::valid | ( | ) |
Definition at line 580 of file Session.php.
References MediaWiki\Session\Session\key().
|
private |
Session backend.
Definition at line 50 of file Session.php.
Referenced by MediaWiki\Session\Session\__construct().
|
private |
Session index.
Definition at line 53 of file Session.php.
Referenced by MediaWiki\Session\Session\__construct().
|
private |
Definition at line 56 of file Session.php.
Referenced by MediaWiki\Session\Session\__construct().