MediaWiki  master
SessionBackend.php
Go to the documentation of this file.
1 <?php
24 namespace MediaWiki\Session;
25 
26 use CachedBagOStuff;
29 use Psr\Log\LoggerInterface;
30 use User;
31 use WebRequest;
32 use Wikimedia\AtEase\AtEase;
33 
52 final class SessionBackend {
54  private $id;
55 
57  private $persist = false;
58 
60  private $remember = false;
61 
63  private $forceHTTPS = false;
64 
66  private $data = null;
67 
69  private $forcePersist = false;
70 
80 
85  private $persistenceChangeData = [];
86 
88  private $metaDirty = false;
89 
91  private $dataDirty = false;
92 
94  private $dataHash = null;
95 
97  private $store;
98 
100  private $logger;
101 
103  private $hookRunner;
104 
106  private $lifetime;
107 
109  private $user;
110 
112  private $curIndex = 0;
113 
115  private $requests = [];
116 
118  private $provider;
119 
121  private $providerMetadata = null;
122 
124  private $expires = 0;
125 
127  private $loggedOut = 0;
128 
130  private $delaySave = 0;
131 
133  private $usePhpSessionHandling = true;
136 
138  private $shutdown = false;
139 
148  public function __construct(
149  SessionId $id, SessionInfo $info, CachedBagOStuff $store, LoggerInterface $logger,
150  HookContainer $hookContainer, $lifetime
151  ) {
152  $phpSessionHandling = \RequestContext::getMain()->getConfig()->get( 'PHPSessionHandling' );
153  $this->usePhpSessionHandling = $phpSessionHandling !== 'disable';
154 
155  if ( $info->getUserInfo() && !$info->getUserInfo()->isVerified() ) {
156  throw new \InvalidArgumentException(
157  "Refusing to create session for unverified user {$info->getUserInfo()}"
158  );
159  }
160  if ( $info->getProvider() === null ) {
161  throw new \InvalidArgumentException( 'Cannot create session without a provider' );
162  }
163  if ( $info->getId() !== $id->getId() ) {
164  throw new \InvalidArgumentException( 'SessionId and SessionInfo don\'t match' );
165  }
166 
167  $this->id = $id;
168  $this->user = $info->getUserInfo() ? $info->getUserInfo()->getUser() : new User;
169  $this->store = $store;
170  $this->logger = $logger;
171  $this->hookRunner = new HookRunner( $hookContainer );
172  $this->lifetime = $lifetime;
173  $this->provider = $info->getProvider();
174  $this->persist = $info->wasPersisted();
175  $this->remember = $info->wasRemembered();
176  $this->forceHTTPS = $info->forceHTTPS();
177  $this->providerMetadata = $info->getProviderMetadata();
178 
179  $blob = $store->get( $store->makeKey( 'MWSession', (string)$this->id ) );
180  if ( !is_array( $blob ) ||
181  !isset( $blob['metadata'] ) || !is_array( $blob['metadata'] ) ||
182  !isset( $blob['data'] ) || !is_array( $blob['data'] )
183  ) {
184  $this->data = [];
185  $this->dataDirty = true;
186  $this->metaDirty = true;
187  $this->persistenceChangeType = 'no-store';
188  $this->logger->debug(
189  'SessionBackend "{session}" is unsaved, marking dirty in constructor',
190  [
191  'session' => $this->id,
192  ] );
193  } else {
194  $this->data = $blob['data'];
195  if ( isset( $blob['metadata']['loggedOut'] ) ) {
196  $this->loggedOut = (int)$blob['metadata']['loggedOut'];
197  }
198  if ( isset( $blob['metadata']['expires'] ) ) {
199  $this->expires = (int)$blob['metadata']['expires'];
200  } else {
201  $this->metaDirty = true;
202  $this->persistenceChangeType = 'no-expiry';
203  $this->logger->debug(
204  'SessionBackend "{session}" metadata dirty due to missing expiration timestamp',
205  [
206  'session' => $this->id,
207  ] );
208  }
209  }
210  $this->dataHash = md5( serialize( $this->data ) );
211  }
212 
218  public function getSession( WebRequest $request ) {
219  $index = ++$this->curIndex;
220  $this->requests[$index] = $request;
221  $session = new Session( $this, $index, $this->logger );
222  return $session;
223  }
224 
230  public function deregisterSession( $index ) {
231  unset( $this->requests[$index] );
232  if ( !$this->shutdown && !count( $this->requests ) ) {
233  $this->save( true );
234  $this->provider->getManager()->deregisterSessionBackend( $this );
235  }
236  }
237 
242  public function shutdown() {
243  $this->save( true );
244  $this->shutdown = true;
245  }
246 
251  public function getId() {
252  return (string)$this->id;
253  }
254 
260  public function getSessionId() {
261  return $this->id;
262  }
263 
268  public function resetId() {
269  if ( $this->provider->persistsSessionId() ) {
270  $oldId = (string)$this->id;
271  $restart = $this->usePhpSessionHandling && $oldId === session_id() &&
273 
274  if ( $restart ) {
275  // If this session is the one behind PHP's $_SESSION, we need
276  // to close then reopen it.
277  session_write_close();
278  }
279 
280  $this->provider->getManager()->changeBackendId( $this );
281  $this->provider->sessionIdWasReset( $this, $oldId );
282  $this->metaDirty = true;
283  $this->logger->debug(
284  'SessionBackend "{session}" metadata dirty due to ID reset (formerly "{oldId}")',
285  [
286  'session' => $this->id,
287  'oldId' => $oldId,
288  ] );
289 
290  if ( $restart ) {
291  session_id( (string)$this->id );
292  AtEase::quietCall( 'session_start' );
293  }
294 
295  $this->autosave();
296 
297  // Delete the data for the old session ID now
298  $this->store->delete( $this->store->makeKey( 'MWSession', $oldId ) );
299  }
300 
301  return $this->id;
302  }
303 
308  public function getProvider() {
309  return $this->provider;
310  }
311 
319  public function isPersistent() {
320  return $this->persist;
321  }
322 
329  public function persist() {
330  if ( !$this->persist ) {
331  $this->persist = true;
332  $this->forcePersist = true;
333  $this->metaDirty = true;
334  $this->logger->debug(
335  'SessionBackend "{session}" force-persist due to persist()',
336  [
337  'session' => $this->id,
338  ] );
339  $this->autosave();
340  } else {
341  $this->renew();
342  }
343  }
344 
348  public function unpersist() {
349  if ( $this->persist ) {
350  // Close the PHP session, if we're the one that's open
351  if ( $this->usePhpSessionHandling && PHPSessionHandler::isEnabled() &&
352  session_id() === (string)$this->id
353  ) {
354  $this->logger->debug(
355  'SessionBackend "{session}" Closing PHP session for unpersist',
356  [ 'session' => $this->id ]
357  );
358  session_write_close();
359  session_id( '' );
360  }
361 
362  $this->persist = false;
363  $this->forcePersist = true;
364  $this->metaDirty = true;
365 
366  // Delete the session data, so the local cache-only write in
367  // self::save() doesn't get things out of sync with the backend.
368  $this->store->delete( $this->store->makeKey( 'MWSession', (string)$this->id ) );
369 
370  $this->autosave();
371  }
372  }
373 
379  public function shouldRememberUser() {
380  return $this->remember;
381  }
382 
388  public function setRememberUser( $remember ) {
389  if ( $this->remember !== (bool)$remember ) {
390  $this->remember = (bool)$remember;
391  $this->metaDirty = true;
392  $this->logger->debug(
393  'SessionBackend "{session}" metadata dirty due to remember-user change',
394  [
395  'session' => $this->id,
396  ] );
397  $this->autosave();
398  }
399  }
400 
406  public function getRequest( $index ) {
407  if ( !isset( $this->requests[$index] ) ) {
408  throw new \InvalidArgumentException( 'Invalid session index' );
409  }
410  return $this->requests[$index];
411  }
412 
417  public function getUser() {
418  return $this->user;
419  }
420 
425  public function getAllowedUserRights() {
426  return $this->provider->getAllowedUserRights( $this );
427  }
428 
433  public function canSetUser() {
434  return $this->provider->canChangeUser();
435  }
436 
444  public function setUser( $user ) {
445  if ( !$this->canSetUser() ) {
446  throw new \BadMethodCallException(
447  'Cannot set user on this session; check $session->canSetUser() first'
448  );
449  }
450 
451  $this->user = $user;
452  $this->metaDirty = true;
453  $this->logger->debug(
454  'SessionBackend "{session}" metadata dirty due to user change',
455  [
456  'session' => $this->id,
457  ] );
458  $this->autosave();
459  }
460 
466  public function suggestLoginUsername( $index ) {
467  if ( !isset( $this->requests[$index] ) ) {
468  throw new \InvalidArgumentException( 'Invalid session index' );
469  }
470  return $this->provider->suggestLoginUsername( $this->requests[$index] );
471  }
472 
477  public function shouldForceHTTPS() {
478  return $this->forceHTTPS;
479  }
480 
485  public function setForceHTTPS( $force ) {
486  if ( $this->forceHTTPS !== (bool)$force ) {
487  $this->forceHTTPS = (bool)$force;
488  $this->metaDirty = true;
489  $this->logger->debug(
490  'SessionBackend "{session}" metadata dirty due to force-HTTPS change',
491  [
492  'session' => $this->id,
493  ] );
494  $this->autosave();
495  }
496  }
497 
502  public function getLoggedOutTimestamp() {
503  return $this->loggedOut;
504  }
505 
509  public function setLoggedOutTimestamp( $ts = null ) {
510  $ts = (int)$ts;
511  if ( $this->loggedOut !== $ts ) {
512  $this->loggedOut = $ts;
513  $this->metaDirty = true;
514  $this->logger->debug(
515  'SessionBackend "{session}" metadata dirty due to logged-out-timestamp change',
516  [
517  'session' => $this->id,
518  ] );
519  $this->autosave();
520  }
521  }
522 
528  public function getProviderMetadata() {
530  }
531 
536  public function setProviderMetadata( $metadata ) {
537  if ( $metadata !== null && !is_array( $metadata ) ) {
538  throw new \InvalidArgumentException( '$metadata must be an array or null' );
539  }
540  if ( $this->providerMetadata !== $metadata ) {
541  $this->providerMetadata = $metadata;
542  $this->metaDirty = true;
543  $this->logger->debug(
544  'SessionBackend "{session}" metadata dirty due to provider metadata change',
545  [
546  'session' => $this->id,
547  ] );
548  $this->autosave();
549  }
550  }
551 
561  public function &getData() {
562  return $this->data;
563  }
564 
572  public function addData( array $newData ) {
573  $data = &$this->getData();
574  foreach ( $newData as $key => $value ) {
575  if ( !array_key_exists( $key, $data ) || $data[$key] !== $value ) {
576  $data[$key] = $value;
577  $this->dataDirty = true;
578  $this->logger->debug(
579  'SessionBackend "{session}" data dirty due to addData(): {callers}',
580  [
581  'session' => $this->id,
582  'callers' => wfGetAllCallers( 5 ),
583  ] );
584  }
585  }
586  }
587 
592  public function dirty() {
593  $this->dataDirty = true;
594  $this->logger->debug(
595  'SessionBackend "{session}" data dirty due to dirty(): {callers}',
596  [
597  'session' => $this->id,
598  'callers' => wfGetAllCallers( 5 ),
599  ] );
600  }
601 
608  public function renew() {
609  if ( time() + $this->lifetime / 2 > $this->expires ) {
610  $this->metaDirty = true;
611  $this->logger->debug(
612  'SessionBackend "{callers}" metadata dirty for renew(): {callers}',
613  [
614  'session' => $this->id,
615  'callers' => wfGetAllCallers( 5 ),
616  ] );
617  if ( $this->persist ) {
618  $this->persistenceChangeType = 'renew';
619  $this->forcePersist = true;
620  $this->logger->debug(
621  'SessionBackend "{session}" force-persist for renew(): {callers}',
622  [
623  'session' => $this->id,
624  'callers' => wfGetAllCallers( 5 ),
625  ] );
626  }
627  }
628  $this->autosave();
629  }
630 
638  public function delaySave() {
639  $this->delaySave++;
640  return new \Wikimedia\ScopedCallback( function () {
641  if ( --$this->delaySave <= 0 ) {
642  $this->delaySave = 0;
643  $this->save();
644  }
645  } );
646  }
647 
652  private function autosave() {
653  if ( $this->delaySave <= 0 ) {
654  $this->save();
655  }
656  }
657 
667  public function save( $closing = false ) {
668  $anon = $this->user->isAnon();
669 
670  if ( !$anon && $this->provider->getManager()->isUserSessionPrevented( $this->user->getName() ) ) {
671  $this->logger->debug(
672  'SessionBackend "{session}" not saving, user {user} was ' .
673  'passed to SessionManager::preventSessionsForUser',
674  [
675  'session' => $this->id,
676  'user' => $this->user,
677  ] );
678  return;
679  }
680 
681  // Ensure the user has a token
682  // @codeCoverageIgnoreStart
683  if ( !$anon && !$this->user->getToken( false ) ) {
684  $this->logger->debug(
685  'SessionBackend "{session}" creating token for user {user} on save',
686  [
687  'session' => $this->id,
688  'user' => $this->user,
689  ] );
690  $this->user->setToken();
691  if ( !wfReadOnly() ) {
692  // Promise that the token set here will be valid; save it at end of request
693  $user = $this->user;
694  \DeferredUpdates::addCallableUpdate( function () use ( $user ) {
695  $user->saveSettings();
696  } );
697  }
698  $this->metaDirty = true;
699  }
700  // @codeCoverageIgnoreEnd
701 
702  if ( !$this->metaDirty && !$this->dataDirty &&
703  $this->dataHash !== md5( serialize( $this->data ) )
704  ) {
705  $this->logger->debug(
706  'SessionBackend "{session}" data dirty due to hash mismatch, {expected} !== {got}',
707  [
708  'session' => $this->id,
709  'expected' => $this->dataHash,
710  'got' => md5( serialize( $this->data ) ),
711  ] );
712  $this->dataDirty = true;
713  }
714 
715  if ( !$this->metaDirty && !$this->dataDirty && !$this->forcePersist ) {
716  return;
717  }
718 
719  $this->logger->debug(
720  'SessionBackend "{session}" save: dataDirty={dataDirty} ' .
721  'metaDirty={metaDirty} forcePersist={forcePersist}',
722  [
723  'session' => $this->id,
724  'dataDirty' => (int)$this->dataDirty,
725  'metaDirty' => (int)$this->metaDirty,
726  'forcePersist' => (int)$this->forcePersist,
727  ] );
728 
729  // Persist or unpersist to the provider, if necessary
730  if ( $this->metaDirty || $this->forcePersist ) {
731  if ( $this->persist ) {
732  foreach ( $this->requests as $request ) {
733  $request->setSessionId( $this->getSessionId() );
734  $this->logPersistenceChange( $request, true );
735  $this->provider->persistSession( $this, $request );
736  }
737  if ( !$closing ) {
738  $this->checkPHPSession();
739  }
740  } else {
741  foreach ( $this->requests as $request ) {
742  if ( $request->getSessionId() === $this->id ) {
743  $this->logPersistenceChange( $request, false );
744  $this->provider->unpersistSession( $request );
745  }
746  }
747  }
748  }
749 
750  $this->forcePersist = false;
751  $this->persistenceChangeType = null;
752 
753  if ( !$this->metaDirty && !$this->dataDirty ) {
754  return;
755  }
756 
757  // Save session data to store, if necessary
758  $metadata = $origMetadata = [
759  'provider' => (string)$this->provider,
760  'providerMetadata' => $this->providerMetadata,
761  'userId' => $anon ? 0 : $this->user->getId(),
762  'userName' => User::isValidUserName( $this->user->getName() ) ? $this->user->getName() : null,
763  'userToken' => $anon ? null : $this->user->getToken(),
764  'remember' => !$anon && $this->remember,
765  'forceHTTPS' => $this->forceHTTPS,
766  'expires' => time() + $this->lifetime,
767  'loggedOut' => $this->loggedOut,
768  'persisted' => $this->persist,
769  ];
770 
771  $this->hookRunner->onSessionMetadata( $this, $metadata, $this->requests );
772 
773  foreach ( $origMetadata as $k => $v ) {
774  if ( $metadata[$k] !== $v ) {
775  throw new \UnexpectedValueException( "SessionMetadata hook changed metadata key \"$k\"" );
776  }
777  }
778 
779  $flags = $this->persist ? 0 : CachedBagOStuff::WRITE_CACHE_ONLY;
780  $flags |= CachedBagOStuff::WRITE_SYNC; // write to all datacenters
781  $this->store->set(
782  $this->store->makeKey( 'MWSession', (string)$this->id ),
783  [
784  'data' => $this->data,
785  'metadata' => $metadata,
786  ],
787  $metadata['expires'],
788  $flags
789  );
790 
791  $this->metaDirty = false;
792  $this->dataDirty = false;
793  $this->dataHash = md5( serialize( $this->data ) );
794  $this->expires = $metadata['expires'];
795  }
796 
801  private function checkPHPSession() {
802  if ( !$this->checkPHPSessionRecursionGuard ) {
803  $this->checkPHPSessionRecursionGuard = true;
804  $reset = new \Wikimedia\ScopedCallback( function () {
805  $this->checkPHPSessionRecursionGuard = false;
806  } );
807 
808  if ( $this->usePhpSessionHandling && session_id() === '' && PHPSessionHandler::isEnabled() &&
809  SessionManager::getGlobalSession()->getId() === (string)$this->id
810  ) {
811  $this->logger->debug(
812  'SessionBackend "{session}" Taking over PHP session',
813  [
814  'session' => $this->id,
815  ] );
816  session_id( (string)$this->id );
817  AtEase::quietCall( 'session_start' );
818  }
819  }
820  }
821 
827  private function logPersistenceChange( WebRequest $request, bool $persist ) {
828  if ( !$this->isPersistent() && !$persist ) {
829  // FIXME SessionManager calls unpersistSession() on anonymous requests (and the cookie
830  // filtering in WebResponse makes it a noop). Skip those.
831  return;
832  }
833 
834  $verb = $persist ? 'Persisting' : 'Unpersisting';
835  if ( $this->persistenceChangeType === 'renew' ) {
836  $message = "$verb session for renewal";
837  } elseif ( $this->persistenceChangeType === 'no-store' ) {
838  $message = "$verb session due to no pre-existing stored session";
839  } elseif ( $this->persistenceChangeType === 'no-expiry' ) {
840  $message = "$verb session due to lack of stored expiry";
841  } elseif ( $this->persistenceChangeType === null ) {
842  $message = "$verb session for unknown reason";
843  }
844 
845  // Because SessionManager repeats session loading several times in the same request,
846  // it will try to persist or unpersist several times. WebResponse deduplicates, but
847  // we want to deduplicate logging as well since the volume is already fairly large.
848  $id = $this->getId();
849  $user = $this->getUser()->isAnon() ? '<anon>' : $this->getUser()->getName();
850  if ( $this->persistenceChangeData
851  && $this->persistenceChangeData['id'] === $id
852  && $this->persistenceChangeData['user'] === $user
853  && $this->persistenceChangeData['message'] === $message
854  ) {
855  return;
856  }
857  $this->persistenceChangeData = [ 'id' => $id, 'user' => $user, 'message' => $message ];
858 
859  $this->logger->info( $message, [
860  'id' => $id,
861  'provider' => get_class( $this->getProvider() ),
862  'user' => $user,
863  'clientip' => $request->getIP(),
864  'userAgent' => $request->getHeader( 'user-agent' ),
865  ] );
866  }
867 
868 }
MediaWiki\Session\SessionInfo\forceHTTPS
forceHTTPS()
Whether this session should only be used over HTTPS.
Definition: SessionInfo.php:285
MediaWiki\Session\SessionId\getId
getId()
Definition: SessionId.php:56
MediaWiki\Session\SessionBackend\shouldRememberUser
shouldRememberUser()
Indicate whether the user should be remembered independently of the session ID.
Definition: SessionBackend.php:379
MediaWiki\Session\SessionBackend\getUser
getUser()
Returns the authenticated user for this session.
Definition: SessionBackend.php:417
MediaWiki\Session\SessionBackend\getRequest
getRequest( $index)
Returns the request associated with a Session.
Definition: SessionBackend.php:406
MediaWiki\Session\SessionBackend\getProviderMetadata
getProviderMetadata()
Fetch provider metadata.
Definition: SessionBackend.php:528
MediaWiki\Session\SessionBackend\$logger
LoggerInterface $logger
Definition: SessionBackend.php:100
MediaWiki\Session\SessionBackend\$curIndex
int $curIndex
Definition: SessionBackend.php:112
BagOStuff\WRITE_SYNC
const WRITE_SYNC
Bitfield constants for set()/merge(); these are only advisory.
Definition: BagOStuff.php:93
MediaWiki\Session\SessionBackend\getId
getId()
Returns the session ID.
Definition: SessionBackend.php:251
MediaWiki\Session\SessionBackend\$shutdown
bool $shutdown
Definition: SessionBackend.php:138
MediaWiki\Session\SessionBackend\$expires
int $expires
Definition: SessionBackend.php:124
MediaWiki\Session\SessionBackend\$id
SessionId $id
Definition: SessionBackend.php:54
MediaWiki\Session\SessionBackend\persist
persist()
Make this session persisted across requests.
Definition: SessionBackend.php:329
MediaWiki\Session\SessionBackend\setUser
setUser( $user)
Set a new user for this session.
Definition: SessionBackend.php:444
MediaWiki\Session\SessionBackend\getProvider
getProvider()
Fetch the SessionProvider for this session.
Definition: SessionBackend.php:308
MediaWiki\Session\PHPSessionHandler\isEnabled
static isEnabled()
Test whether the handler is installed and enabled.
Definition: PHPSessionHandler.php:103
MediaWiki\Session\SessionBackend\setLoggedOutTimestamp
setLoggedOutTimestamp( $ts=null)
Definition: SessionBackend.php:509
MediaWiki\Session\SessionInfo\getId
getId()
Return the session ID.
Definition: SessionInfo.php:193
MediaWiki\Session\SessionBackend\getData
& getData()
Fetch the session data array.
Definition: SessionBackend.php:561
wfReadOnly
wfReadOnly()
Check whether the wiki is in read-only mode.
Definition: GlobalFunctions.php:1134
MediaWiki\Session\SessionBackend\__construct
__construct(SessionId $id, SessionInfo $info, CachedBagOStuff $store, LoggerInterface $logger, HookContainer $hookContainer, $lifetime)
Definition: SessionBackend.php:148
User\isValidUserName
static isValidUserName( $name)
Is the input a valid username?
Definition: User.php:986
MediaWiki\Session\SessionBackend\resetId
resetId()
Changes the session ID.
Definition: SessionBackend.php:268
serialize
serialize()
Definition: ApiMessageTrait.php:138
MediaWiki\Session\SessionBackend\getSession
getSession(WebRequest $request)
Return a new Session for this backend.
Definition: SessionBackend.php:218
MediaWiki\Session\SessionBackend\logPersistenceChange
logPersistenceChange(WebRequest $request, bool $persist)
Helper method for logging persistSession/unpersistSession calls.
Definition: SessionBackend.php:827
MediaWiki\Session\SessionBackend\deregisterSession
deregisterSession( $index)
Deregister a Session.
Definition: SessionBackend.php:230
CachedBagOStuff\get
get( $key, $flags=0)
Get an item with the given key.
Definition: CachedBagOStuff.php:62
MediaWiki\Session\SessionBackend\autosave
autosave()
Save the session, unless delayed.
Definition: SessionBackend.php:652
MediaWiki\Session\SessionBackend\$forceHTTPS
bool $forceHTTPS
Definition: SessionBackend.php:63
MediaWiki\Session\SessionBackend\shutdown
shutdown()
Shut down a session.
Definition: SessionBackend.php:242
MediaWiki\Session\SessionBackend\$dataHash
string $dataHash
Used to detect subarray modifications.
Definition: SessionBackend.php:94
MediaWiki\Session\SessionBackend\$user
User $user
Definition: SessionBackend.php:109
MediaWiki\Session\Session
Manages data for an authenticated session.
Definition: Session.php:48
MediaWiki\Session\SessionProvider
A SessionProvider provides SessionInfo and support for Session.
Definition: SessionProvider.php:81
MediaWiki\Session\SessionInfo\getProvider
getProvider()
Return the provider.
Definition: SessionInfo.php:185
$blob
$blob
Definition: testCompression.php:70
MediaWiki\Session\SessionBackend\$metaDirty
bool $metaDirty
Definition: SessionBackend.php:88
MediaWiki\Session\SessionBackend\$store
CachedBagOStuff $store
Definition: SessionBackend.php:97
MediaWiki\Session\SessionBackend\$forcePersist
bool $forcePersist
Definition: SessionBackend.php:69
MediaWiki\Session\SessionBackend\addData
addData(array $newData)
Add data to the session.
Definition: SessionBackend.php:572
MediaWiki\Session\SessionBackend\$loggedOut
int $loggedOut
Definition: SessionBackend.php:127
MediaWiki\Session\SessionBackend\dirty
dirty()
Mark data as dirty.
Definition: SessionBackend.php:592
MediaWiki\Session
Definition: BotPasswordSessionProvider.php:24
MediaWiki\Session\SessionInfo\wasPersisted
wasPersisted()
Return whether the session is persisted.
Definition: SessionInfo.php:248
User\saveSettings
saveSettings()
Save this user's settings into the database.
Definition: User.php:3364
MediaWiki\Session\SessionBackend\setForceHTTPS
setForceHTTPS( $force)
Set whether HTTPS should be forced.
Definition: SessionBackend.php:485
MediaWiki\Session\SessionBackend\$persist
bool $persist
Definition: SessionBackend.php:57
MediaWiki\Session\SessionInfo\getProviderMetadata
getProviderMetadata()
Return provider metadata.
Definition: SessionInfo.php:256
MediaWiki\Session\SessionBackend\$checkPHPSessionRecursionGuard
bool $checkPHPSessionRecursionGuard
Definition: SessionBackend.php:135
MediaWiki\Session\SessionManager\getGlobalSession
static getGlobalSession()
If PHP's session_id() has been set, returns that session.
Definition: SessionManager.php:113
MediaWiki\Session\SessionBackend\$data
array null $data
Definition: SessionBackend.php:66
MediaWiki\Session\SessionBackend\$persistenceChangeData
array $persistenceChangeData
The data from the previous logPersistenceChange() log event.
Definition: SessionBackend.php:85
MediaWiki\Session\SessionBackend\getSessionId
getSessionId()
Fetch the SessionId object.
Definition: SessionBackend.php:260
CachedBagOStuff
Wrapper around a BagOStuff that caches data in memory.
Definition: CachedBagOStuff.php:37
MediaWiki\Session\SessionBackend\shouldForceHTTPS
shouldForceHTTPS()
Whether HTTPS should be forced.
Definition: SessionBackend.php:477
CachedBagOStuff\makeKey
makeKey( $class,... $components)
Make a cache key for the global keyspace and given components.
Definition: CachedBagOStuff.php:168
RequestContext\getMain
static getMain()
Get the RequestContext object associated with the main request.
Definition: RequestContext.php:454
WebRequest
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
Definition: WebRequest.php:42
wfGetAllCallers
wfGetAllCallers( $limit=3)
Return a string consisting of callers in the stack.
Definition: GlobalFunctions.php:1423
WebRequest\getIP
getIP()
Work out the IP address based on various globals For trusted proxies, use the XFF client IP (first of...
Definition: WebRequest.php:1270
MediaWiki\Session\SessionBackend\getAllowedUserRights
getAllowedUserRights()
Fetch the rights allowed the user when this session is active.
Definition: SessionBackend.php:425
MediaWiki\Session\SessionInfo
Value object returned by SessionProvider.
Definition: SessionInfo.php:37
MediaWiki\Session\SessionBackend\isPersistent
isPersistent()
Indicate whether this session is persisted across requests.
Definition: SessionBackend.php:319
MediaWiki\Session\SessionBackend\$lifetime
int $lifetime
Definition: SessionBackend.php:106
MediaWiki\Session\SessionBackend\renew
renew()
Renew the session by resaving everything.
Definition: SessionBackend.php:608
MediaWiki\Session\SessionBackend\$persistenceChangeType
string null $persistenceChangeType
The reason for the next persistSession/unpersistSession call.
Definition: SessionBackend.php:79
MediaWiki\Session\SessionBackend\getLoggedOutTimestamp
getLoggedOutTimestamp()
Fetch the "logged out" timestamp.
Definition: SessionBackend.php:502
MediaWiki\Session\SessionBackend\delaySave
delaySave()
Delay automatic saving while multiple updates are being made.
Definition: SessionBackend.php:638
MediaWiki\Session\SessionId
Value object holding the session ID in a manner that can be globally updated.
Definition: SessionId.php:40
WebRequest\getHeader
getHeader( $name, $flags=0)
Get a request header, or false if it isn't set.
Definition: WebRequest.php:1131
MediaWiki\Session\SessionBackend\$provider
SessionProvider $provider
provider
Definition: SessionBackend.php:118
MediaWiki\Session\SessionBackend\setRememberUser
setRememberUser( $remember)
Set whether the user should be remembered independently of the session ID.
Definition: SessionBackend.php:388
MediaWiki\HookContainer\HookContainer
HookContainer class.
Definition: HookContainer.php:45
MediaWiki\Session\SessionBackend\$dataDirty
bool $dataDirty
Definition: SessionBackend.php:91
MediaWiki\Session\SessionBackend\$requests
WebRequest[] $requests
Session requests.
Definition: SessionBackend.php:115
MediaWiki\HookContainer\HookRunner
This class provides an implementation of the core hook interfaces, forwarding hook calls to HookConta...
Definition: HookRunner.php:571
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:56
DeferredUpdates\addCallableUpdate
static addCallableUpdate( $callable, $stage=self::POSTSEND, $dbw=null)
Add an update to the pending update queue that invokes the specified callback when run.
Definition: DeferredUpdates.php:145
MediaWiki\Session\SessionBackend\save
save( $closing=false)
Save the session.
Definition: SessionBackend.php:667
MediaWiki\Session\SessionBackend\$hookRunner
HookRunner $hookRunner
Definition: SessionBackend.php:103
MediaWiki\Session\SessionBackend\canSetUser
canSetUser()
Indicate whether the session user info can be changed.
Definition: SessionBackend.php:433
MediaWiki\Session\SessionBackend\setProviderMetadata
setProviderMetadata( $metadata)
Definition: SessionBackend.php:536
MediaWiki\Session\SessionBackend\unpersist
unpersist()
Make this session not persisted across requests.
Definition: SessionBackend.php:348
MediaWiki\Session\SessionBackend\suggestLoginUsername
suggestLoginUsername( $index)
Get a suggested username for the login form.
Definition: SessionBackend.php:466
MediaWiki\Session\SessionBackend\$usePhpSessionHandling
bool $usePhpSessionHandling
Definition: SessionBackend.php:133
MediaWiki\Session\SessionBackend\checkPHPSession
checkPHPSession()
For backwards compatibility, open the PHP session when the global session is persisted.
Definition: SessionBackend.php:801
MediaWiki\Session\SessionBackend\$remember
bool $remember
Definition: SessionBackend.php:60
MediaWiki\Session\SessionInfo\getUserInfo
getUserInfo()
Return the user.
Definition: SessionInfo.php:240
MediaWiki\Session\SessionBackend\$providerMetadata
array null $providerMetadata
provider-specified metadata
Definition: SessionBackend.php:121
MediaWiki\Session\SessionInfo\wasRemembered
wasRemembered()
Return whether the user was remembered.
Definition: SessionInfo.php:275
MediaWiki\Session\SessionBackend\$delaySave
int $delaySave
Definition: SessionBackend.php:130
BagOStuff\WRITE_CACHE_ONLY
const WRITE_CACHE_ONLY
Definition: BagOStuff.php:94
MediaWiki\Session\SessionBackend
This is the actual workhorse for Session.
Definition: SessionBackend.php:52