MediaWiki  master
SessionBackend.php
Go to the documentation of this file.
1 <?php
24 namespace MediaWiki\Session;
25 
26 use CachedBagOStuff;
29 use Psr\Log\LoggerInterface;
30 use User;
31 use WebRequest;
32 use Wikimedia\AtEase\AtEase;
33 
52 final class SessionBackend {
54  private $id;
55 
57  private $persist = false;
58 
60  private $remember = false;
61 
63  private $forceHTTPS = false;
64 
66  private $data = null;
67 
69  private $forcePersist = false;
70 
80 
85  private $persistenceChangeData = [];
86 
88  private $metaDirty = false;
89 
91  private $dataDirty = false;
92 
94  private $dataHash = null;
95 
97  private $store;
98 
100  private $logger;
101 
103  private $hookRunner;
104 
106  private $lifetime;
107 
109  private $user;
110 
112  private $curIndex = 0;
113 
115  private $requests = [];
116 
118  private $provider;
119 
121  private $providerMetadata = null;
122 
124  private $expires = 0;
125 
127  private $loggedOut = 0;
128 
130  private $delaySave = 0;
131 
133  private $usePhpSessionHandling = true;
136 
138  private $shutdown = false;
139 
148  public function __construct(
149  SessionId $id, SessionInfo $info, CachedBagOStuff $store, LoggerInterface $logger,
150  HookContainer $hookContainer, $lifetime
151  ) {
152  $phpSessionHandling = \RequestContext::getMain()->getConfig()->get( 'PHPSessionHandling' );
153  $this->usePhpSessionHandling = $phpSessionHandling !== 'disable';
154 
155  if ( $info->getUserInfo() && !$info->getUserInfo()->isVerified() ) {
156  throw new \InvalidArgumentException(
157  "Refusing to create session for unverified user {$info->getUserInfo()}"
158  );
159  }
160  if ( $info->getProvider() === null ) {
161  throw new \InvalidArgumentException( 'Cannot create session without a provider' );
162  }
163  if ( $info->getId() !== $id->getId() ) {
164  throw new \InvalidArgumentException( 'SessionId and SessionInfo don\'t match' );
165  }
166 
167  $this->id = $id;
168  $this->user = $info->getUserInfo() ? $info->getUserInfo()->getUser() : new User;
169  $this->store = $store;
170  $this->logger = $logger;
171  $this->hookRunner = new HookRunner( $hookContainer );
172  $this->lifetime = $lifetime;
173  $this->provider = $info->getProvider();
174  $this->persist = $info->wasPersisted();
175  $this->remember = $info->wasRemembered();
176  $this->forceHTTPS = $info->forceHTTPS();
177  $this->providerMetadata = $info->getProviderMetadata();
178 
179  $blob = $store->get( $store->makeKey( 'MWSession', (string)$this->id ) );
180  if ( !is_array( $blob ) ||
181  !isset( $blob['metadata'] ) || !is_array( $blob['metadata'] ) ||
182  !isset( $blob['data'] ) || !is_array( $blob['data'] )
183  ) {
184  $this->data = [];
185  $this->dataDirty = true;
186  $this->metaDirty = true;
187  $this->persistenceChangeType = 'no-store';
188  $this->logger->debug(
189  'SessionBackend "{session}" is unsaved, marking dirty in constructor',
190  [
191  'session' => $this->id,
192  ] );
193  } else {
194  $this->data = $blob['data'];
195  if ( isset( $blob['metadata']['loggedOut'] ) ) {
196  $this->loggedOut = (int)$blob['metadata']['loggedOut'];
197  }
198  if ( isset( $blob['metadata']['expires'] ) ) {
199  $this->expires = (int)$blob['metadata']['expires'];
200  } else {
201  $this->metaDirty = true;
202  $this->persistenceChangeType = 'no-expiry';
203  $this->logger->debug(
204  'SessionBackend "{session}" metadata dirty due to missing expiration timestamp',
205  [
206  'session' => $this->id,
207  ] );
208  }
209  }
210  $this->dataHash = md5( serialize( $this->data ) );
211  }
212 
218  public function getSession( WebRequest $request ) {
219  $index = ++$this->curIndex;
220  $this->requests[$index] = $request;
221  $session = new Session( $this, $index, $this->logger );
222  return $session;
223  }
224 
230  public function deregisterSession( $index ) {
231  unset( $this->requests[$index] );
232  if ( !$this->shutdown && !count( $this->requests ) ) {
233  $this->save( true );
234  $this->provider->getManager()->deregisterSessionBackend( $this );
235  }
236  }
237 
242  public function shutdown() {
243  $this->save( true );
244  $this->shutdown = true;
245  }
246 
251  public function getId() {
252  return (string)$this->id;
253  }
254 
260  public function getSessionId() {
261  return $this->id;
262  }
263 
268  public function resetId() {
269  if ( $this->provider->persistsSessionId() ) {
270  $oldId = (string)$this->id;
271  $restart = $this->usePhpSessionHandling && $oldId === session_id() &&
273 
274  if ( $restart ) {
275  // If this session is the one behind PHP's $_SESSION, we need
276  // to close then reopen it.
277  session_write_close();
278  }
279 
280  $this->provider->getManager()->changeBackendId( $this );
281  $this->provider->sessionIdWasReset( $this, $oldId );
282  $this->metaDirty = true;
283  $this->logger->debug(
284  'SessionBackend "{session}" metadata dirty due to ID reset (formerly "{oldId}")',
285  [
286  'session' => $this->id,
287  'oldId' => $oldId,
288  ] );
289 
290  if ( $restart ) {
291  session_id( (string)$this->id );
292  AtEase::quietCall( 'session_start' );
293  }
294 
295  $this->autosave();
296 
297  // Delete the data for the old session ID now
298  $this->store->delete( $this->store->makeKey( 'MWSession', $oldId ) );
299  }
300 
301  return $this->id;
302  }
303 
308  public function getProvider() {
309  return $this->provider;
310  }
311 
319  public function isPersistent() {
320  return $this->persist;
321  }
322 
329  public function persist() {
330  if ( !$this->persist ) {
331  $this->persist = true;
332  $this->forcePersist = true;
333  $this->metaDirty = true;
334  $this->logger->debug(
335  'SessionBackend "{session}" force-persist due to persist()',
336  [
337  'session' => $this->id,
338  ] );
339  $this->autosave();
340  } else {
341  $this->renew();
342  }
343  }
344 
348  public function unpersist() {
349  if ( $this->persist ) {
350  // Close the PHP session, if we're the one that's open
351  if ( $this->usePhpSessionHandling && PHPSessionHandler::isEnabled() &&
352  session_id() === (string)$this->id
353  ) {
354  $this->logger->debug(
355  'SessionBackend "{session}" Closing PHP session for unpersist',
356  [ 'session' => $this->id ]
357  );
358  session_write_close();
359  session_id( '' );
360  }
361 
362  $this->persist = false;
363  $this->forcePersist = true;
364  $this->metaDirty = true;
365 
366  // Delete the session data, so the local cache-only write in
367  // self::save() doesn't get things out of sync with the backend.
368  $this->store->delete( $this->store->makeKey( 'MWSession', (string)$this->id ) );
369 
370  $this->autosave();
371  }
372  }
373 
379  public function shouldRememberUser() {
380  return $this->remember;
381  }
382 
388  public function setRememberUser( $remember ) {
389  if ( $this->remember !== (bool)$remember ) {
390  $this->remember = (bool)$remember;
391  $this->metaDirty = true;
392  $this->logger->debug(
393  'SessionBackend "{session}" metadata dirty due to remember-user change',
394  [
395  'session' => $this->id,
396  ] );
397  $this->autosave();
398  }
399  }
400 
406  public function getRequest( $index ) {
407  if ( !isset( $this->requests[$index] ) ) {
408  throw new \InvalidArgumentException( 'Invalid session index' );
409  }
410  return $this->requests[$index];
411  }
412 
417  public function getUser() {
418  return $this->user;
419  }
420 
425  public function getAllowedUserRights() {
426  return $this->provider->getAllowedUserRights( $this );
427  }
428 
433  public function canSetUser() {
434  return $this->provider->canChangeUser();
435  }
436 
444  public function setUser( $user ) {
445  if ( !$this->canSetUser() ) {
446  throw new \BadMethodCallException(
447  'Cannot set user on this session; check $session->canSetUser() first'
448  );
449  }
450 
451  $this->user = $user;
452  $this->metaDirty = true;
453  $this->logger->debug(
454  'SessionBackend "{session}" metadata dirty due to user change',
455  [
456  'session' => $this->id,
457  ] );
458  $this->autosave();
459  }
460 
466  public function suggestLoginUsername( $index ) {
467  if ( !isset( $this->requests[$index] ) ) {
468  throw new \InvalidArgumentException( 'Invalid session index' );
469  }
470  return $this->provider->suggestLoginUsername( $this->requests[$index] );
471  }
472 
477  public function shouldForceHTTPS() {
478  return $this->forceHTTPS;
479  }
480 
485  public function setForceHTTPS( $force ) {
486  if ( $this->forceHTTPS !== (bool)$force ) {
487  $this->forceHTTPS = (bool)$force;
488  $this->metaDirty = true;
489  $this->logger->debug(
490  'SessionBackend "{session}" metadata dirty due to force-HTTPS change',
491  [
492  'session' => $this->id,
493  ] );
494  $this->autosave();
495  }
496  }
497 
502  public function getLoggedOutTimestamp() {
503  return $this->loggedOut;
504  }
505 
510  public function setLoggedOutTimestamp( $ts = null ) {
511  $ts = (int)$ts;
512  if ( $this->loggedOut !== $ts ) {
513  $this->loggedOut = $ts;
514  $this->metaDirty = true;
515  $this->logger->debug(
516  'SessionBackend "{session}" metadata dirty due to logged-out-timestamp change',
517  [
518  'session' => $this->id,
519  ] );
520  $this->autosave();
521  }
522  }
523 
529  public function getProviderMetadata() {
531  }
532 
538  public function setProviderMetadata( $metadata ) {
539  if ( $metadata !== null && !is_array( $metadata ) ) {
540  throw new \InvalidArgumentException( '$metadata must be an array or null' );
541  }
542  if ( $this->providerMetadata !== $metadata ) {
543  $this->providerMetadata = $metadata;
544  $this->metaDirty = true;
545  $this->logger->debug(
546  'SessionBackend "{session}" metadata dirty due to provider metadata change',
547  [
548  'session' => $this->id,
549  ] );
550  $this->autosave();
551  }
552  }
553 
563  public function &getData() {
564  return $this->data;
565  }
566 
574  public function addData( array $newData ) {
575  $data = &$this->getData();
576  foreach ( $newData as $key => $value ) {
577  if ( !array_key_exists( $key, $data ) || $data[$key] !== $value ) {
578  $data[$key] = $value;
579  $this->dataDirty = true;
580  $this->logger->debug(
581  'SessionBackend "{session}" data dirty due to addData(): {callers}',
582  [
583  'session' => $this->id,
584  'callers' => wfGetAllCallers( 5 ),
585  ] );
586  }
587  }
588  }
589 
594  public function dirty() {
595  $this->dataDirty = true;
596  $this->logger->debug(
597  'SessionBackend "{session}" data dirty due to dirty(): {callers}',
598  [
599  'session' => $this->id,
600  'callers' => wfGetAllCallers( 5 ),
601  ] );
602  }
603 
610  public function renew() {
611  if ( time() + $this->lifetime / 2 > $this->expires ) {
612  $this->metaDirty = true;
613  $this->logger->debug(
614  'SessionBackend "{callers}" metadata dirty for renew(): {callers}',
615  [
616  'session' => $this->id,
617  'callers' => wfGetAllCallers( 5 ),
618  ] );
619  if ( $this->persist ) {
620  $this->persistenceChangeType = 'renew';
621  $this->forcePersist = true;
622  $this->logger->debug(
623  'SessionBackend "{session}" force-persist for renew(): {callers}',
624  [
625  'session' => $this->id,
626  'callers' => wfGetAllCallers( 5 ),
627  ] );
628  }
629  }
630  $this->autosave();
631  }
632 
640  public function delaySave() {
641  $this->delaySave++;
642  return new \Wikimedia\ScopedCallback( function () {
643  if ( --$this->delaySave <= 0 ) {
644  $this->delaySave = 0;
645  $this->save();
646  }
647  } );
648  }
649 
654  private function autosave() {
655  if ( $this->delaySave <= 0 ) {
656  $this->save();
657  }
658  }
659 
669  public function save( $closing = false ) {
670  $anon = $this->user->isAnon();
671 
672  if ( !$anon && $this->provider->getManager()->isUserSessionPrevented( $this->user->getName() ) ) {
673  $this->logger->debug(
674  'SessionBackend "{session}" not saving, user {user} was ' .
675  'passed to SessionManager::preventSessionsForUser',
676  [
677  'session' => $this->id,
678  'user' => $this->user,
679  ] );
680  return;
681  }
682 
683  // Ensure the user has a token
684  // @codeCoverageIgnoreStart
685  if ( !$anon && !$this->user->getToken( false ) ) {
686  $this->logger->debug(
687  'SessionBackend "{session}" creating token for user {user} on save',
688  [
689  'session' => $this->id,
690  'user' => $this->user,
691  ] );
692  $this->user->setToken();
693  if ( !wfReadOnly() ) {
694  // Promise that the token set here will be valid; save it at end of request
695  $user = $this->user;
696  \DeferredUpdates::addCallableUpdate( function () use ( $user ) {
697  $user->saveSettings();
698  } );
699  }
700  $this->metaDirty = true;
701  }
702  // @codeCoverageIgnoreEnd
703 
704  if ( !$this->metaDirty && !$this->dataDirty &&
705  $this->dataHash !== md5( serialize( $this->data ) )
706  ) {
707  $this->logger->debug(
708  'SessionBackend "{session}" data dirty due to hash mismatch, {expected} !== {got}',
709  [
710  'session' => $this->id,
711  'expected' => $this->dataHash,
712  'got' => md5( serialize( $this->data ) ),
713  ] );
714  $this->dataDirty = true;
715  }
716 
717  if ( !$this->metaDirty && !$this->dataDirty && !$this->forcePersist ) {
718  return;
719  }
720 
721  $this->logger->debug(
722  'SessionBackend "{session}" save: dataDirty={dataDirty} ' .
723  'metaDirty={metaDirty} forcePersist={forcePersist}',
724  [
725  'session' => $this->id,
726  'dataDirty' => (int)$this->dataDirty,
727  'metaDirty' => (int)$this->metaDirty,
728  'forcePersist' => (int)$this->forcePersist,
729  ] );
730 
731  // Persist or unpersist to the provider, if necessary
732  if ( $this->metaDirty || $this->forcePersist ) {
733  if ( $this->persist ) {
734  foreach ( $this->requests as $request ) {
735  $request->setSessionId( $this->getSessionId() );
736  $this->logPersistenceChange( $request, true );
737  $this->provider->persistSession( $this, $request );
738  }
739  if ( !$closing ) {
740  $this->checkPHPSession();
741  }
742  } else {
743  foreach ( $this->requests as $request ) {
744  if ( $request->getSessionId() === $this->id ) {
745  $this->logPersistenceChange( $request, false );
746  $this->provider->unpersistSession( $request );
747  }
748  }
749  }
750  }
751 
752  $this->forcePersist = false;
753  $this->persistenceChangeType = null;
754 
755  if ( !$this->metaDirty && !$this->dataDirty ) {
756  return;
757  }
758 
759  // Save session data to store, if necessary
760  $metadata = $origMetadata = [
761  'provider' => (string)$this->provider,
762  'providerMetadata' => $this->providerMetadata,
763  'userId' => $anon ? 0 : $this->user->getId(),
764  'userName' => User::isValidUserName( $this->user->getName() ) ? $this->user->getName() : null,
765  'userToken' => $anon ? null : $this->user->getToken(),
766  'remember' => !$anon && $this->remember,
767  'forceHTTPS' => $this->forceHTTPS,
768  'expires' => time() + $this->lifetime,
769  'loggedOut' => $this->loggedOut,
770  'persisted' => $this->persist,
771  ];
772 
773  $this->hookRunner->onSessionMetadata( $this, $metadata, $this->requests );
774 
775  foreach ( $origMetadata as $k => $v ) {
776  if ( $metadata[$k] !== $v ) {
777  throw new \UnexpectedValueException( "SessionMetadata hook changed metadata key \"$k\"" );
778  }
779  }
780 
781  $flags = $this->persist ? 0 : CachedBagOStuff::WRITE_CACHE_ONLY;
782  $flags |= CachedBagOStuff::WRITE_SYNC; // write to all datacenters
783  $this->store->set(
784  $this->store->makeKey( 'MWSession', (string)$this->id ),
785  [
786  'data' => $this->data,
787  'metadata' => $metadata,
788  ],
789  $metadata['expires'],
790  $flags
791  );
792 
793  $this->metaDirty = false;
794  $this->dataDirty = false;
795  $this->dataHash = md5( serialize( $this->data ) );
796  $this->expires = $metadata['expires'];
797  }
798 
803  private function checkPHPSession() {
804  if ( !$this->checkPHPSessionRecursionGuard ) {
805  $this->checkPHPSessionRecursionGuard = true;
806  $reset = new \Wikimedia\ScopedCallback( function () {
807  $this->checkPHPSessionRecursionGuard = false;
808  } );
809 
810  if ( $this->usePhpSessionHandling && session_id() === '' && PHPSessionHandler::isEnabled() &&
811  SessionManager::getGlobalSession()->getId() === (string)$this->id
812  ) {
813  $this->logger->debug(
814  'SessionBackend "{session}" Taking over PHP session',
815  [
816  'session' => $this->id,
817  ] );
818  session_id( (string)$this->id );
819  AtEase::quietCall( 'session_start' );
820  }
821  }
822  }
823 
829  private function logPersistenceChange( WebRequest $request, bool $persist ) {
830  if ( !$this->isPersistent() && !$persist ) {
831  // FIXME SessionManager calls unpersistSession() on anonymous requests (and the cookie
832  // filtering in WebResponse makes it a noop). Skip those.
833  return;
834  }
835 
836  $verb = $persist ? 'Persisting' : 'Unpersisting';
837  if ( $this->persistenceChangeType === 'renew' ) {
838  $message = "$verb session for renewal";
839  } elseif ( $this->persistenceChangeType === 'no-store' ) {
840  $message = "$verb session due to no pre-existing stored session";
841  } elseif ( $this->persistenceChangeType === 'no-expiry' ) {
842  $message = "$verb session due to lack of stored expiry";
843  } elseif ( $this->persistenceChangeType === null ) {
844  $message = "$verb session for unknown reason";
845  }
846 
847  // Because SessionManager repeats session loading several times in the same request,
848  // it will try to persist or unpersist several times. WebResponse deduplicates, but
849  // we want to deduplicate logging as well since the volume is already fairly large.
850  $id = $this->getId();
851  $user = $this->getUser()->isAnon() ? '<anon>' : $this->getUser()->getName();
852  if ( $this->persistenceChangeData
853  && $this->persistenceChangeData['id'] === $id
854  && $this->persistenceChangeData['user'] === $user
855  && $this->persistenceChangeData['message'] === $message
856  ) {
857  return;
858  }
859  $this->persistenceChangeData = [ 'id' => $id, 'user' => $user, 'message' => $message ];
860 
861  $this->logger->info( $message, [
862  'id' => $id,
863  'provider' => get_class( $this->getProvider() ),
864  'user' => $user,
865  'clientip' => $request->getIP(),
866  'userAgent' => $request->getHeader( 'user-agent' ),
867  ] );
868  }
869 
870 }
MediaWiki\Session\SessionInfo\forceHTTPS
forceHTTPS()
Whether this session should only be used over HTTPS.
Definition: SessionInfo.php:285
MediaWiki\Session\SessionId\getId
getId()
Get the ID.
Definition: SessionId.php:57
MediaWiki\Session\SessionBackend\shouldRememberUser
shouldRememberUser()
Indicate whether the user should be remembered independently of the session ID.
Definition: SessionBackend.php:379
MediaWiki\Session\SessionBackend\getUser
getUser()
Returns the authenticated user for this session.
Definition: SessionBackend.php:417
MediaWiki\Session\SessionBackend\getRequest
getRequest( $index)
Returns the request associated with a Session.
Definition: SessionBackend.php:406
MediaWiki\Session\SessionBackend\getProviderMetadata
getProviderMetadata()
Fetch provider metadata.
Definition: SessionBackend.php:529
MediaWiki\Session\SessionBackend\$logger
LoggerInterface $logger
Definition: SessionBackend.php:100
MediaWiki\Session\SessionBackend\$curIndex
int $curIndex
Definition: SessionBackend.php:112
BagOStuff\WRITE_SYNC
const WRITE_SYNC
Bitfield constants for set()/merge(); these are only advisory.
Definition: BagOStuff.php:90
MediaWiki\Session\SessionBackend\getId
getId()
Returns the session ID.
Definition: SessionBackend.php:251
MediaWiki\Session\SessionBackend\$shutdown
bool $shutdown
Definition: SessionBackend.php:138
MediaWiki\Session\SessionBackend\$expires
int $expires
Definition: SessionBackend.php:124
MediaWiki\Session\SessionBackend\$id
SessionId $id
Definition: SessionBackend.php:54
MediaWiki\Session\SessionBackend\persist
persist()
Make this session persisted across requests.
Definition: SessionBackend.php:329
MediaWiki\Session\SessionBackend\setUser
setUser( $user)
Set a new user for this session.
Definition: SessionBackend.php:444
MediaWiki\Session\SessionBackend\getProvider
getProvider()
Fetch the SessionProvider for this session.
Definition: SessionBackend.php:308
MediaWiki\Session\PHPSessionHandler\isEnabled
static isEnabled()
Test whether the handler is installed and enabled.
Definition: PHPSessionHandler.php:103
MediaWiki\Session\SessionBackend\setLoggedOutTimestamp
setLoggedOutTimestamp( $ts=null)
Set the "logged out" timestamp.
Definition: SessionBackend.php:510
MediaWiki\Session\SessionInfo\getId
getId()
Return the session ID.
Definition: SessionInfo.php:193
MediaWiki\Session\SessionBackend\getData
& getData()
Fetch the session data array.
Definition: SessionBackend.php:563
wfReadOnly
wfReadOnly()
Check whether the wiki is in read-only mode.
Definition: GlobalFunctions.php:1126
MediaWiki\Session\SessionBackend\__construct
__construct(SessionId $id, SessionInfo $info, CachedBagOStuff $store, LoggerInterface $logger, HookContainer $hookContainer, $lifetime)
Definition: SessionBackend.php:148
User\isValidUserName
static isValidUserName( $name)
Is the input a valid username?
Definition: User.php:959
MediaWiki\Session\SessionBackend\resetId
resetId()
Changes the session ID.
Definition: SessionBackend.php:268
serialize
serialize()
Definition: ApiMessageTrait.php:138
MediaWiki\Session\SessionBackend\getSession
getSession(WebRequest $request)
Return a new Session for this backend.
Definition: SessionBackend.php:218
MediaWiki\Session\SessionBackend\logPersistenceChange
logPersistenceChange(WebRequest $request, bool $persist)
Helper method for logging persistSession/unpersistSession calls.
Definition: SessionBackend.php:829
MediaWiki\Session\SessionBackend\deregisterSession
deregisterSession( $index)
Deregister a Session.
Definition: SessionBackend.php:230
CachedBagOStuff\get
get( $key, $flags=0)
Get an item with the given key.
Definition: CachedBagOStuff.php:61
MediaWiki\Session\SessionBackend\autosave
autosave()
Save the session, unless delayed.
Definition: SessionBackend.php:654
MediaWiki\Session\SessionBackend\$forceHTTPS
bool $forceHTTPS
Definition: SessionBackend.php:63
MediaWiki\Session\SessionBackend\shutdown
shutdown()
Shut down a session.
Definition: SessionBackend.php:242
MediaWiki\Session\SessionBackend\$dataHash
string $dataHash
Used to detect subarray modifications.
Definition: SessionBackend.php:94
MediaWiki\Session\SessionBackend\$user
User $user
Definition: SessionBackend.php:109
MediaWiki\Session\Session
Manages data for an authenticated session.
Definition: Session.php:48
MediaWiki\Session\SessionProvider
A SessionProvider provides SessionInfo and support for Session.
Definition: SessionProvider.php:81
MediaWiki\Session\SessionInfo\getProvider
getProvider()
Return the provider.
Definition: SessionInfo.php:185
$blob
$blob
Definition: testCompression.php:70
MediaWiki\Session\SessionBackend\$metaDirty
bool $metaDirty
Definition: SessionBackend.php:88
MediaWiki\Session\SessionBackend\$store
CachedBagOStuff $store
Definition: SessionBackend.php:97
MediaWiki\Session\SessionBackend\$forcePersist
bool $forcePersist
Definition: SessionBackend.php:69
MediaWiki\Session\SessionBackend\addData
addData(array $newData)
Add data to the session.
Definition: SessionBackend.php:574
MediaWiki\Session\SessionBackend\$loggedOut
int $loggedOut
Definition: SessionBackend.php:127
MediaWiki\Session\SessionBackend\dirty
dirty()
Mark data as dirty.
Definition: SessionBackend.php:594
MediaWiki\Session
Definition: BotPasswordSessionProvider.php:24
MediaWiki\Session\SessionInfo\wasPersisted
wasPersisted()
Return whether the session is persisted.
Definition: SessionInfo.php:248
User\saveSettings
saveSettings()
Save this user's settings into the database.
Definition: User.php:3325
MediaWiki\Session\SessionBackend\setForceHTTPS
setForceHTTPS( $force)
Set whether HTTPS should be forced.
Definition: SessionBackend.php:485
MediaWiki\Session\SessionBackend\$persist
bool $persist
Definition: SessionBackend.php:57
MediaWiki\Session\SessionInfo\getProviderMetadata
getProviderMetadata()
Return provider metadata.
Definition: SessionInfo.php:256
MediaWiki\Session\SessionBackend\$checkPHPSessionRecursionGuard
bool $checkPHPSessionRecursionGuard
Definition: SessionBackend.php:135
MediaWiki\Session\SessionManager\getGlobalSession
static getGlobalSession()
Get the "global" session.
Definition: SessionManager.php:115
MediaWiki\Session\SessionBackend\$data
array null $data
Definition: SessionBackend.php:66
MediaWiki\Session\SessionBackend\$persistenceChangeData
array $persistenceChangeData
The data from the previous logPersistenceChange() log event.
Definition: SessionBackend.php:85
MediaWiki\Session\SessionBackend\getSessionId
getSessionId()
Fetch the SessionId object.
Definition: SessionBackend.php:260
CachedBagOStuff
Wrapper around a BagOStuff that caches data in memory.
Definition: CachedBagOStuff.php:37
MediaWiki\Session\SessionBackend\shouldForceHTTPS
shouldForceHTTPS()
Whether HTTPS should be forced.
Definition: SessionBackend.php:477
CachedBagOStuff\makeKey
makeKey( $class,... $components)
Make a cache key, scoped to this instance's keyspace.
Definition: CachedBagOStuff.php:155
RequestContext\getMain
static getMain()
Get the RequestContext object associated with the main request.
Definition: RequestContext.php:454
WebRequest
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
Definition: WebRequest.php:42
wfGetAllCallers
wfGetAllCallers( $limit=3)
Return a string consisting of callers in the stack.
Definition: GlobalFunctions.php:1413
WebRequest\getIP
getIP()
Work out the IP address based on various globals For trusted proxies, use the XFF client IP (first of...
Definition: WebRequest.php:1271
MediaWiki\Session\SessionBackend\getAllowedUserRights
getAllowedUserRights()
Fetch the rights allowed the user when this session is active.
Definition: SessionBackend.php:425
MediaWiki\Session\SessionInfo
Value object returned by SessionProvider.
Definition: SessionInfo.php:37
MediaWiki\Session\SessionBackend\isPersistent
isPersistent()
Indicate whether this session is persisted across requests.
Definition: SessionBackend.php:319
MediaWiki\Session\SessionBackend\$lifetime
int $lifetime
Definition: SessionBackend.php:106
MediaWiki\Session\SessionBackend\renew
renew()
Renew the session by resaving everything.
Definition: SessionBackend.php:610
MediaWiki\Session\SessionBackend\$persistenceChangeType
string null $persistenceChangeType
The reason for the next persistSession/unpersistSession call.
Definition: SessionBackend.php:79
MediaWiki\Session\SessionBackend\getLoggedOutTimestamp
getLoggedOutTimestamp()
Fetch the "logged out" timestamp.
Definition: SessionBackend.php:502
MediaWiki\Session\SessionBackend\delaySave
delaySave()
Delay automatic saving while multiple updates are being made.
Definition: SessionBackend.php:640
MediaWiki\Session\SessionId
Value object holding the session ID in a manner that can be globally updated.
Definition: SessionId.php:40
WebRequest\getHeader
getHeader( $name, $flags=0)
Get a request header, or false if it isn't set.
Definition: WebRequest.php:1130
MediaWiki\Session\SessionBackend\$provider
SessionProvider $provider
provider
Definition: SessionBackend.php:118
MediaWiki\Session\SessionBackend\setRememberUser
setRememberUser( $remember)
Set whether the user should be remembered independently of the session ID.
Definition: SessionBackend.php:388
MediaWiki\HookContainer\HookContainer
HookContainer class.
Definition: HookContainer.php:45
MediaWiki\Session\SessionBackend\$dataDirty
bool $dataDirty
Definition: SessionBackend.php:91
MediaWiki\Session\SessionBackend\$requests
WebRequest[] $requests
Session requests.
Definition: SessionBackend.php:115
MediaWiki\HookContainer\HookRunner
This class provides an implementation of the core hook interfaces, forwarding hook calls to HookConta...
Definition: HookRunner.php:562
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:56
DeferredUpdates\addCallableUpdate
static addCallableUpdate( $callable, $stage=self::POSTSEND, $dbw=null)
Add a callable update.
Definition: DeferredUpdates.php:145
MediaWiki\Session\SessionBackend\save
save( $closing=false)
Save the session.
Definition: SessionBackend.php:669
MediaWiki\Session\SessionBackend\$hookRunner
HookRunner $hookRunner
Definition: SessionBackend.php:103
MediaWiki\Session\SessionBackend\canSetUser
canSetUser()
Indicate whether the session user info can be changed.
Definition: SessionBackend.php:433
MediaWiki\Session\SessionBackend\setProviderMetadata
setProviderMetadata( $metadata)
Set provider metadata.
Definition: SessionBackend.php:538
MediaWiki\Session\SessionBackend\unpersist
unpersist()
Make this session not persisted across requests.
Definition: SessionBackend.php:348
MediaWiki\Session\SessionBackend\suggestLoginUsername
suggestLoginUsername( $index)
Get a suggested username for the login form.
Definition: SessionBackend.php:466
MediaWiki\Session\SessionBackend\$usePhpSessionHandling
bool $usePhpSessionHandling
Definition: SessionBackend.php:133
MediaWiki\Session\SessionBackend\checkPHPSession
checkPHPSession()
For backwards compatibility, open the PHP session when the global session is persisted.
Definition: SessionBackend.php:803
MediaWiki\Session\SessionBackend\$remember
bool $remember
Definition: SessionBackend.php:60
MediaWiki\Session\SessionInfo\getUserInfo
getUserInfo()
Return the user.
Definition: SessionInfo.php:240
MediaWiki\Session\SessionBackend\$providerMetadata
array null $providerMetadata
provider-specified metadata
Definition: SessionBackend.php:121
MediaWiki\Session\SessionInfo\wasRemembered
wasRemembered()
Return whether the user was remembered.
Definition: SessionInfo.php:275
MediaWiki\Session\SessionBackend\$delaySave
int $delaySave
Definition: SessionBackend.php:130
BagOStuff\WRITE_CACHE_ONLY
const WRITE_CACHE_ONLY
Definition: BagOStuff.php:91
MediaWiki\Session\SessionBackend
This is the actual workhorse for Session.
Definition: SessionBackend.php:52