MediaWiki REL1_27
|
Manages data for an an authenticated session. More...
Public Member Functions | |
__construct (SessionBackend $backend, $index, LoggerInterface $logger) | |
__destruct () | |
canSetUser () | |
Indicate whether the session user info can be changed. | |
clear () | |
Delete all session data and clear the user (if possible) | |
delaySave () | |
Delay automatic saving while multiple updates are being made. | |
exists ( $key) | |
Test if a value exists in the session. | |
get ( $key, $default=null) | |
Fetch a value from the session. | |
getAllowedUserRights () | |
Fetch the rights allowed the user when this session is active. | |
getId () | |
Returns the session ID. | |
getLoggedOutTimestamp () | |
Fetch the "logged out" timestamp. | |
getProvider () | |
Fetch the SessionProvider for this session. | |
getProviderMetadata () | |
Fetch provider metadata. | |
getRequest () | |
Returns the request associated with this session. | |
getSecret ( $key, $default=null) | |
Fetch a value from the session that was set with self::setSecret() | |
getSessionId () | |
Returns the SessionId object. | |
getToken ( $salt='', $key='default') | |
Fetch a CSRF token from the session. | |
getUser () | |
Returns the authenticated user for this session. | |
isPersistent () | |
Indicate whether this session is persisted across requests. | |
persist () | |
Make this session persisted across requests. | |
remove ( $key) | |
Remove a value from the session. | |
renew () | |
Renew the session. | |
resetAllTokens () | |
Remove all CSRF tokens from the session. | |
resetId () | |
Changes the session ID. | |
resetToken ( $key='default') | |
Remove a CSRF token from the session. | |
save () | |
Save the session. | |
sessionWithRequest (WebRequest $request) | |
Fetch a copy of this session attached to an alternative WebRequest. | |
set ( $key, $value) | |
Set a value in the session. | |
setForceHTTPS ( $force) | |
Set whether HTTPS should be forced. | |
setLoggedOutTimestamp ( $ts) | |
Set the "logged out" timestamp. | |
setRememberUser ( $remember) | |
Set whether the user should be remembered independently of the session ID. | |
setSecret ( $key, $value) | |
Set a value in the session, encrypted. | |
setUser ( $user) | |
Set a new user for this session. | |
shouldForceHTTPS () | |
Whether HTTPS should be forced. | |
shouldRememberUser () | |
Indicate whether the user should be remembered independently of the session ID. | |
suggestLoginUsername () | |
Get a suggested username for the login form. | |
unpersist () | |
Make this session not be persisted across requests. | |
Interface methods | |
count () | |
current () | |
key () | |
next () | |
rewind () | |
valid () | |
offsetExists ( $offset) | |
& | offsetGet ( $offset) |
offsetSet ( $offset, $value) | |
offsetUnset ( $offset) | |
Private Member Functions | |
getSecretKeys () | |
Fetch the secret keys for self::setSecret() and self::getSecret(). | |
Static Private Member Functions | |
static | getEncryptionAlgorithm () |
Decide what type of encryption to use, based on system capabilities. | |
Private Attributes | |
SessionBackend | $backend |
Session backend. | |
int | $index |
Session index. | |
LoggerInterface | $logger |
Static Private Attributes | |
static null string[] | $encryptionAlgorithm = null |
Encryption algorithm to use. | |
Manages data for an an authenticated session.
A Session represents the fact that the current HTTP request is part of a session. There are two broad types of Sessions, based on whether they return true or false from self::canSetUser():
The Session object also serves as a replacement for PHP's $_SESSION, managing access to per-session data.
Definition at line 48 of file Session.php.
MediaWiki\Session\Session::__construct | ( | SessionBackend | $backend, |
$index, | |||
LoggerInterface | $logger | ||
) |
SessionBackend | $backend | |
int | $index | |
LoggerInterface | $logger |
Definition at line 66 of file Session.php.
References MediaWiki\Session\Session\$backend, MediaWiki\Session\Session\$index, and MediaWiki\Session\Session\$logger.
MediaWiki\Session\Session::__destruct | ( | ) |
Definition at line 72 of file Session.php.
MediaWiki\Session\Session::canSetUser | ( | ) |
Indicate whether the session user info can be changed.
Definition at line 183 of file Session.php.
MediaWiki\Session\Session::clear | ( | ) |
Delete all session data and clear the user (if possible)
Definition at line 250 of file Session.php.
MediaWiki\Session\Session::count | ( | ) |
Definition at line 611 of file Session.php.
References MediaWiki\Session\Session\count().
Referenced by MediaWiki\Session\Session\count(), and MediaWiki\Session\Session\getSecret().
MediaWiki\Session\Session::current | ( | ) |
Definition at line 616 of file Session.php.
References MediaWiki\Session\Session\current().
Referenced by MediaWiki\Session\Session\current().
MediaWiki\Session\Session::delaySave | ( | ) |
Delay automatic saving while multiple updates are being made.
Calls to save() or clear() will not be delayed.
Definition at line 595 of file Session.php.
MediaWiki\Session\Session::exists | ( | $key | ) |
Test if a value exists in the session.
string | int | $key |
Definition at line 303 of file Session.php.
MediaWiki\Session\Session::get | ( | $key, | |
$default = null |
|||
) |
Fetch a value from the session.
string | int | $key | |
mixed | $default | Returned if $this->exists( $key ) would be false |
Definition at line 292 of file Session.php.
MediaWiki\Session\Session::getAllowedUserRights | ( | ) |
Fetch the rights allowed the user when this session is active.
Definition at line 175 of file Session.php.
|
staticprivate |
Decide what type of encryption to use, based on system capabilities.
Definition at line 410 of file Session.php.
References MediaWiki\Session\Session\$encryptionAlgorithm, $wgSessionInsecureSecrets, and global.
Referenced by MediaWiki\Session\Session\getSecret(), and MediaWiki\Session\Session\setSecret().
MediaWiki\Session\Session::getId | ( | ) |
MediaWiki\Session\Session::getLoggedOutTimestamp | ( | ) |
MediaWiki\Session\Session::getProvider | ( | ) |
Fetch the SessionProvider for this session.
Definition at line 105 of file Session.php.
MediaWiki\Session\Session::getProviderMetadata | ( | ) |
Fetch provider metadata.
Definition at line 243 of file Session.php.
MediaWiki\Session\Session::getRequest | ( | ) |
Returns the request associated with this session.
Definition at line 159 of file Session.php.
MediaWiki\Session\Session::getSecret | ( | $key, | |
$default = null |
|||
) |
Fetch a value from the session that was set with self::setSecret()
string | int | $key | |
mixed | $default | Returned if $this->exists( $key ) would be false or decryption fails |
Definition at line 518 of file Session.php.
References $serialized, $value, MediaWiki\Session\Session\count(), MediaWiki\Session\Session\getEncryptionAlgorithm(), MediaWiki\Session\Session\getSecretKeys(), list, serialize(), and unserialize().
|
private |
Fetch the secret keys for self::setSecret() and self::getSecret().
Definition at line 389 of file Session.php.
References $wgSecretKey, $wgSessionSecret, and global.
Referenced by MediaWiki\Session\Session\getSecret(), and MediaWiki\Session\Session\setSecret().
MediaWiki\Session\Session::getSessionId | ( | ) |
Returns the SessionId object.
Definition at line 89 of file Session.php.
MediaWiki\Session\Session::getToken | ( | $salt = '' , |
|
$key = 'default' |
|||
) |
Fetch a CSRF token from the session.
Note that this does not persist the session, which you'll probably want to do if you want the token to actually be useful.
string | string[] | $salt | Token salt |
string | $key | Token key |
Definition at line 343 of file Session.php.
MediaWiki\Session\Session::getUser | ( | ) |
Returns the authenticated user for this session.
Definition at line 167 of file Session.php.
MediaWiki\Session\Session::isPersistent | ( | ) |
Indicate whether this session is persisted across requests.
For example, if cookies are set.
Definition at line 116 of file Session.php.
MediaWiki\Session\Session::key | ( | ) |
Definition at line 621 of file Session.php.
References MediaWiki\Session\Session\key().
Referenced by MediaWiki\Session\Session\key(), and MediaWiki\Session\Session\valid().
MediaWiki\Session\Session::next | ( | ) |
Definition at line 626 of file Session.php.
References MediaWiki\Session\Session\next().
Referenced by MediaWiki\Session\Session\next().
MediaWiki\Session\Session::offsetExists | ( | $offset | ) |
Definition at line 645 of file Session.php.
& MediaWiki\Session\Session::offsetGet | ( | $offset | ) |
Definition at line 657 of file Session.php.
MediaWiki\Session\Session::offsetSet | ( | $offset, | |
$value | |||
) |
Definition at line 666 of file Session.php.
References $value.
MediaWiki\Session\Session::offsetUnset | ( | $offset | ) |
Definition at line 670 of file Session.php.
MediaWiki\Session\Session::persist | ( | ) |
Make this session persisted across requests.
If the session is already persistent, equivalent to calling $this->renew().
Definition at line 126 of file Session.php.
MediaWiki\Session\Session::remove | ( | $key | ) |
Remove a value from the session.
string | int | $key |
Definition at line 325 of file Session.php.
MediaWiki\Session\Session::renew | ( | ) |
Renew the session.
Resets the TTL in the backend store if the session is near expiring, and re-persists the session to any active WebRequests if persistent.
Definition at line 268 of file Session.php.
MediaWiki\Session\Session::resetAllTokens | ( | ) |
Remove all CSRF tokens from the session.
Definition at line 381 of file Session.php.
MediaWiki\Session\Session::resetId | ( | ) |
Changes the session ID.
Definition at line 97 of file Session.php.
MediaWiki\Session\Session::resetToken | ( | $key = 'default' | ) |
Remove a CSRF token from the session.
The next call to self::getToken() with $key will generate a new secret.
string | $key | Token key |
Definition at line 370 of file Session.php.
MediaWiki\Session\Session::rewind | ( | ) |
Definition at line 631 of file Session.php.
MediaWiki\Session\Session::save | ( | ) |
Save the session.
Definition at line 602 of file Session.php.
MediaWiki\Session\Session::sessionWithRequest | ( | WebRequest | $request | ) |
Fetch a copy of this session attached to an alternative WebRequest.
Actions on the copy will affect this session too, and vice versa.
WebRequest | $request | Any existing session associated with this WebRequest object will be overwritten. |
Definition at line 281 of file Session.php.
References $request.
MediaWiki\Session\Session::set | ( | $key, | |
$value | |||
) |
Set a value in the session.
string | int | $key | |
mixed | $value |
Definition at line 313 of file Session.php.
References $value.
MediaWiki\Session\Session::setForceHTTPS | ( | $force | ) |
Set whether HTTPS should be forced.
bool | $force |
Definition at line 218 of file Session.php.
MediaWiki\Session\Session::setLoggedOutTimestamp | ( | $ts | ) |
MediaWiki\Session\Session::setRememberUser | ( | $remember | ) |
Set whether the user should be remembered independently of the session ID.
bool | $remember |
Definition at line 151 of file Session.php.
MediaWiki\Session\Session::setSecret | ( | $key, | |
$value | |||
) |
Set a value in the session, encrypted.
This relies on the secrecy of $wgSecretKey (by default), or $wgSessionSecret.
string | int | $key | |
mixed | $value |
Definition at line 465 of file Session.php.
References $serialized, $value, MediaWiki\Session\Session\getEncryptionAlgorithm(), MediaWiki\Session\Session\getSecretKeys(), list, and serialize().
MediaWiki\Session\Session::setUser | ( | $user | ) |
MediaWiki\Session\Session::shouldForceHTTPS | ( | ) |
MediaWiki\Session\Session::shouldRememberUser | ( | ) |
Indicate whether the user should be remembered independently of the session ID.
Definition at line 142 of file Session.php.
MediaWiki\Session\Session::suggestLoginUsername | ( | ) |
Get a suggested username for the login form.
Definition at line 202 of file Session.php.
MediaWiki\Session\Session::unpersist | ( | ) |
Make this session not be persisted across requests.
Definition at line 133 of file Session.php.
MediaWiki\Session\Session::valid | ( | ) |
Definition at line 636 of file Session.php.
References MediaWiki\Session\Session\key().
|
private |
Session backend.
Definition at line 53 of file Session.php.
Referenced by MediaWiki\Session\Session\__construct().
|
staticprivate |
Encryption algorithm to use.
Definition at line 50 of file Session.php.
Referenced by MediaWiki\Session\Session\getEncryptionAlgorithm().
|
private |
Session index.
Definition at line 56 of file Session.php.
Referenced by MediaWiki\Session\Session\__construct().
|
private |
Definition at line 59 of file Session.php.
Referenced by MediaWiki\Session\Session\__construct().