MediaWiki REL1_28
|
This serves as the entry point to the MediaWiki session handling system. More...
Public Member Functions | |
__construct ( $options=[]) | |
getEmptySession (WebRequest $request=null) | |
Create a new, empty session. | |
getSessionById ( $id, $create=false, WebRequest $request=null) | |
Fetch a session by ID. | |
getSessionForRequest (WebRequest $request) | |
Fetch the session for a request (or a new empty session if none is attached to it) | |
getVaryCookies () | |
Return the list of cookies that need varying on. | |
getVaryHeaders () | |
Return the HTTP headers that need varying on. | |
invalidateSessionsForUser (User $user) | |
Invalidate sessions for a user. | |
setLogger (LoggerInterface $logger) | |
Static Public Member Functions | |
static | getGlobalSession () |
Get the "global" session. | |
static | singleton () |
Get the global SessionManager. | |
static | validateSessionId ( $id) |
Validate a session ID. | |
Private Member Functions | |
getEmptySessionInternal (WebRequest $request=null, $id=null) | |
Private Attributes | |
SessionBackend[] | $allSessionBackends = [] |
SessionId[] | $allSessionIds = [] |
Config | $config |
LoggerInterface | $logger |
string[] | $preventUsers = [] |
SessionProvider[] | $sessionProviders = null |
CachedBagOStuff null | $store |
string[] | $varyCookies = null |
array | $varyHeaders = null |
Static Private Attributes | |
static Session null | $globalSession = null |
static WebRequest null | $globalSessionRequest = null |
static SessionManager null | $instance = null |
Internal methods | |
static | autoCreateUser (User $user) |
Auto-create the given user, if necessary. | |
static | resetCache () |
Reset the internal caching for unit testing. | |
preventSessionsForUser ( $username) | |
Prevent future sessions for the user. | |
isUserSessionPrevented ( $username) | |
Test if a user is prevented. | |
getProvider ( $name) | |
Get a session provider by name. | |
shutdown () | |
Save all active sessions on shutdown. | |
getSessionFromInfo (SessionInfo $info, WebRequest $request) | |
Create a Session corresponding to the passed SessionInfo. | |
deregisterSessionBackend (SessionBackend $backend) | |
Deregister a SessionBackend. | |
changeBackendId (SessionBackend $backend) | |
Change a SessionBackend's ID. | |
generateSessionId () | |
Generate a new random session ID. | |
setupPHPSessionHandler (PHPSessionHandler $handler) | |
Call setters on a PHPSessionHandler. | |
getSessionInfoForRequest (WebRequest $request) | |
Fetch the SessionInfo(s) for a request. | |
loadSessionInfoFromStore (SessionInfo &$info, WebRequest $request) | |
Load and verify the session info against the store. | |
getProviders () | |
Get the available SessionProviders. | |
This serves as the entry point to the MediaWiki session handling system.
Most methods here are for internal use by session handling code. Other callers should only use getGlobalSession and the methods of SessionManagerInterface; the rest of the functionality is exposed via MediaWiki\Session\Session methods.
To provide custom session handling, implement a MediaWiki\Session\SessionProvider.
Definition at line 48 of file SessionManager.php.
MediaWiki\Session\SessionManager::__construct | ( | $options = [] | ) |
array | $options |
Definition at line 146 of file SessionManager.php.
References $options, MediaWiki\Session\SessionManager\$store, MediaWiki\Session\SessionManager\setLogger(), and store.
|
static |
Auto-create the given user, if necessary.
Definition at line 386 of file SessionManager.php.
References $user, and wfDeprecated().
MediaWiki\Session\SessionManager::changeBackendId | ( | SessionBackend | $backend | ) |
Change a SessionBackend's ID.
SessionBackend | $backend |
Definition at line 910 of file SessionManager.php.
References MediaWiki\Session\SessionManager\generateSessionId(), MediaWiki\Session\SessionBackend\getSessionId(), and string.
MediaWiki\Session\SessionManager::deregisterSessionBackend | ( | SessionBackend | $backend | ) |
Deregister a SessionBackend.
SessionBackend | $backend |
Definition at line 892 of file SessionManager.php.
References MediaWiki\Session\SessionBackend\getId(), and MediaWiki\Session\SessionBackend\getSessionId().
MediaWiki\Session\SessionManager::generateSessionId | ( | ) |
Generate a new random session ID.
Definition at line 932 of file SessionManager.php.
References MWCryptRand\generateHex(), store, and wfMemcKey().
Referenced by MediaWiki\Session\SessionManager\changeBackendId().
MediaWiki\Session\SessionManager::getEmptySession | ( | WebRequest | $request = null | ) |
Create a new, empty session.
The first provider configured that is able to provide an empty session will be used.
WebRequest | null | $request | Corresponding request. Any existing session associated with this WebRequest object will be overwritten. |
Implements MediaWiki\Session\SessionManagerInterface.
Definition at line 241 of file SessionManager.php.
References $request, and MediaWiki\Session\SessionManager\getEmptySessionInternal().
Referenced by MediaWiki\Session\SessionManager\getSessionForRequest().
|
private |
WebRequest | null | $request | |
string | null | $id | ID to force on the new session |
Definition at line 251 of file SessionManager.php.
References $request, as, MediaWiki\Session\SessionInfo\compare(), MediaWiki\Session\SessionManager\getProviders(), MediaWiki\Session\SessionManager\getSessionFromInfo(), store, and wfMemcKey().
Referenced by MediaWiki\Session\SessionManager\getEmptySession(), and MediaWiki\Session\SessionManager\getSessionById().
|
static |
Get the "global" session.
If PHP's session_id() has been set, returns that session. Otherwise returns the session for RequestContext::getMain()->getRequest().
Definition at line 105 of file SessionManager.php.
References MediaWiki\Session\SessionManager\$globalSession, $request, ContextSource\getRequest(), MediaWiki\Session\PHPSessionHandler\isEnabled(), and MediaWiki\Session\SessionManager\singleton().
Referenced by MediaWiki\Auth\RememberMeAuthenticationRequest\__construct(), MediaWiki\Session\SessionBackend\checkPHPSession(), and MediaWiki\Session\SessionManagerTest\testGetGlobalSession().
MediaWiki\Session\SessionManager::getProvider | ( | $name | ) |
Get a session provider by name.
Generally, this will only be used by internal implementation of some special session-providing mechanism. General purpose code, if it needs to access a SessionProvider at all, will use Session::getProvider().
string | $name |
Definition at line 454 of file SessionManager.php.
References $name, and MediaWiki\Session\SessionManager\getProviders().
Referenced by MediaWiki\Session\SessionManager\loadSessionInfoFromStore().
|
protected |
Get the available SessionProviders.
Definition at line 427 of file SessionManager.php.
References MediaWiki\Session\SessionManager\$sessionProviders, as, and string.
Referenced by MediaWiki\Session\SessionManager\getEmptySessionInternal(), MediaWiki\Session\SessionManager\getProvider(), MediaWiki\Session\SessionManager\getSessionInfoForRequest(), MediaWiki\Session\SessionManager\getVaryCookies(), MediaWiki\Session\SessionManager\getVaryHeaders(), MediaWiki\Session\SessionManager\invalidateSessionsForUser(), and MediaWiki\Session\SessionManager\preventSessionsForUser().
MediaWiki\Session\SessionManager::getSessionById | ( | $id, | |
$create = false , |
|||
WebRequest | $request = null |
||
) |
Fetch a session by ID.
string | $id | |
bool | $create | If no session exists for $id, try to create a new one. May still return null if a session for $id exists but cannot be loaded. |
WebRequest | null | $request | Corresponding request. Any existing session associated with this WebRequest object will be overwritten. |
Implements MediaWiki\Session\SessionManagerInterface.
Definition at line 199 of file SessionManager.php.
References $request, MediaWiki\Session\SessionManager\getEmptySessionInternal(), MediaWiki\Session\SessionManager\getSessionFromInfo(), MediaWiki\Session\SessionManager\loadSessionInfoFromStore(), MediaWiki\Session\SessionInfo\MIN_PRIORITY, store, and wfMemcKey().
MediaWiki\Session\SessionManager::getSessionForRequest | ( | WebRequest | $request | ) |
Fetch the session for a request (or a new empty session if none is attached to it)
WebRequest | $request | Any existing associated session will be reset to the session corresponding to the data in the request itself. |
\OverflowException if there are multiple sessions tied for top priority in the request. Exception has a property "sessionInfos" holding the SessionInfo objects for the sessions involved.
Implements MediaWiki\Session\SessionManagerInterface.
Definition at line 188 of file SessionManager.php.
References $request, MediaWiki\Session\SessionManager\getEmptySession(), MediaWiki\Session\SessionManager\getSessionFromInfo(), and MediaWiki\Session\SessionManager\getSessionInfoForRequest().
MediaWiki\Session\SessionManager::getSessionFromInfo | ( | SessionInfo | $info, |
WebRequest | $request | ||
) |
Create a Session corresponding to the passed SessionInfo.
SessionInfo | $info | |
WebRequest | $request |
Definition at line 836 of file SessionManager.php.
References $request, MediaWiki\Session\SessionInfo\getId(), MediaWiki\Session\SessionInfo\isIdSafe(), MW_NO_SESSION, store, MediaWiki\Session\SessionInfo\wasPersisted(), and MediaWiki\Session\SessionInfo\wasRemembered().
Referenced by MediaWiki\Session\SessionManager\getEmptySessionInternal(), MediaWiki\Session\SessionManager\getSessionById(), and MediaWiki\Session\SessionManager\getSessionForRequest().
|
private |
Fetch the SessionInfo(s) for a request.
WebRequest | $request |
Definition at line 482 of file SessionManager.php.
References $request, as, MediaWiki\Session\SessionInfo\compare(), MediaWiki\Session\SessionManager\getProviders(), and MediaWiki\Session\SessionManager\loadSessionInfoFromStore().
Referenced by MediaWiki\Session\SessionManager\getSessionForRequest().
MediaWiki\Session\SessionManager::getVaryCookies | ( | ) |
Return the list of cookies that need varying on.
Implements MediaWiki\Session\SessionManagerInterface.
Definition at line 348 of file SessionManager.php.
References MediaWiki\Session\SessionManager\$varyCookies, as, MediaWiki\Session\SessionManager\getProviders(), and MW_NO_SESSION.
MediaWiki\Session\SessionManager::getVaryHeaders | ( | ) |
Return the HTTP headers that need varying on.
The return value is such that someone could theoretically do this:
Implements MediaWiki\Session\SessionManagerInterface.
Definition at line 325 of file SessionManager.php.
References $header, $options, MediaWiki\Session\SessionManager\$varyHeaders, as, MediaWiki\Session\SessionManager\getProviders(), and MW_NO_SESSION.
MediaWiki\Session\SessionManager::invalidateSessionsForUser | ( | User | $user | ) |
Invalidate sessions for a user.
After calling this, existing sessions should be invalid. For mutable session providers, this generally means the user has to log in again; for immutable providers, it generally means the loss of session data.
User | $user |
Implements MediaWiki\Session\SessionManagerInterface.
Definition at line 311 of file SessionManager.php.
References $user, as, and MediaWiki\Session\SessionManager\getProviders().
MediaWiki\Session\SessionManager::isUserSessionPrevented | ( | $username | ) |
Test if a user is prevented.
string | $username |
Definition at line 419 of file SessionManager.php.
References $username.
|
private |
Load and verify the session info against the store.
SessionInfo | &$info | Will likely be replaced with an updated SessionInfo instance |
WebRequest | $request |
Definition at line 546 of file SessionManager.php.
References $blob, $request, MediaWiki\Session\SessionInfo\forceHTTPS(), MediaWiki\Session\SessionInfo\forceUse(), MediaWiki\Session\MetadataMergeException\getContext(), MediaWiki\Session\SessionInfo\getId(), MediaWiki\Session\SessionInfo\getPriority(), MediaWiki\Session\SessionManager\getProvider(), MediaWiki\Session\SessionInfo\getProvider(), MediaWiki\Session\SessionInfo\getProviderMetadata(), MediaWiki\Session\SessionInfo\getUserInfo(), MediaWiki\Session\SessionInfo\isIdSafe(), MediaWiki\Session\SessionManager\loadSessionInfoFromStore(), MediaWiki\Session\UserInfo\newAnonymous(), MediaWiki\Session\UserInfo\newFromId(), MediaWiki\Session\UserInfo\newFromName(), store, use, MediaWiki\Session\SessionInfo\wasPersisted(), MediaWiki\Session\SessionInfo\wasRemembered(), and wfMemcKey().
Referenced by MediaWiki\Session\SessionManager\getSessionById(), MediaWiki\Session\SessionManager\getSessionInfoForRequest(), and MediaWiki\Session\SessionManager\loadSessionInfoFromStore().
MediaWiki\Session\SessionManager::preventSessionsForUser | ( | $username | ) |
Prevent future sessions for the user.
The intention is that the named account will never again be usable for normal login (i.e. there is no way to undo the prevention of access).
string | $username |
Definition at line 404 of file SessionManager.php.
References $username, as, and MediaWiki\Session\SessionManager\getProviders().
|
static |
Reset the internal caching for unit testing.
Definition at line 953 of file SessionManager.php.
MediaWiki\Session\SessionManager::setLogger | ( | LoggerInterface | $logger | ) |
Definition at line 184 of file SessionManager.php.
References MediaWiki\Session\SessionManager\$logger.
Referenced by MediaWiki\Session\SessionManager\__construct().
MediaWiki\Session\SessionManager::setupPHPSessionHandler | ( | PHPSessionHandler | $handler | ) |
Call setters on a PHPSessionHandler.
PHPSessionHandler | $handler |
Definition at line 945 of file SessionManager.php.
References $handler, and store.
Referenced by MediaWiki\Session\PHPSessionHandler\__construct(), and MediaWiki\Session\PHPSessionHandler\install().
MediaWiki\Session\SessionManager::shutdown | ( | ) |
Save all active sessions on shutdown.
Definition at line 463 of file SessionManager.php.
References as.
|
static |
Get the global SessionManager.
Definition at line 90 of file SessionManager.php.
References MediaWiki\Session\SessionManager\$instance.
Referenced by MediaWiki\Session\SessionManager\getGlobalSession(), MediaWiki\Session\CookieSessionProviderTest\testCookieData(), MediaWiki\Session\CookieSessionProviderTest\testGetCookie(), MediaWiki\Session\SessionManagerTest\testGetGlobalSession(), MediaWiki\Session\CookieSessionProviderTest\testGetLoginCookieExpiration(), MediaWiki\Session\CookieSessionProviderTest\testGetRememberUserDuration(), MediaWiki\Session\CookieSessionProviderTest\testPersistSession(), MediaWiki\Session\CookieSessionProviderTest\testPersistSessionWithHook(), MediaWiki\Session\SessionBackendTest\testResetIdOfGlobalSession(), MediaWiki\Session\CookieSessionProviderTest\testSetLoggedOutCookie(), MediaWiki\Session\SessionManagerTest\testSingleton(), MediaWiki\Session\SessionBackendTest\testTakeOverGlobalSession(), MediaWiki\Session\SessionBackendTest\testUnpersistOfGlobalSession(), and MediaWiki\Session\CookieSessionProviderTest\testUnpersistSession().
|
static |
Validate a session ID.
string | $id |
Definition at line 369 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionInfo\__construct(), MediaWiki\Session\ImmutableSessionProviderWithCookie\getSessionIdFromCookie(), MediaWiki\Session\CookieSessionProvider\provideSessionInfo(), and MediaWiki\Session\SessionManagerTest\testGenerateSessionId().
|
private |
Definition at line 77 of file SessionManager.php.
|
private |
Definition at line 80 of file SessionManager.php.
|
private |
Definition at line 62 of file SessionManager.php.
|
staticprivate |
Definition at line 53 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\getGlobalSession().
|
staticprivate |
Definition at line 56 of file SessionManager.php.
|
staticprivate |
Definition at line 50 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\singleton().
|
private |
Definition at line 59 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\setLogger().
|
private |
Definition at line 83 of file SessionManager.php.
|
private |
Definition at line 68 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\getProviders().
|
private |
Definition at line 65 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\__construct().
|
private |
Definition at line 71 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\getVaryCookies().
|
private |
Definition at line 74 of file SessionManager.php.
Referenced by MediaWiki\Session\SessionManager\getVaryHeaders().