MediaWiki master
|
Inherits MediaWiki\Session\SessionProvider.
Public Member Functions | |
canChangeUser () | |
Sure, you can be whoever you want, as long as you have ID 0. | |
persistSession (SessionBackend $session, WebRequest $request) | |
Persist a session into a request/response. | |
persistsSessionId () | |
Yes we will treat your data with great care! | |
provideSessionInfo (WebRequest $request) | |
Pretend there is a session, to avoid MWCryptRand overhead. | |
unpersistSession (WebRequest $request) | |
Remove any persisted session from a request/response. | |
Public Member Functions inherited from MediaWiki\Session\SessionProvider | |
__construct () | |
__toString () | |
canAlwaysAutocreate () | |
Returns true if this provider is exempt from autocreate user permissions check. | |
describe (Language $lang) | |
Return an identifier for this session type.
| |
getAllowedUserRights (SessionBackend $backend) | |
Fetch the rights allowed the user when the specified session is active. | |
getManager () | |
Get the session manager. | |
getRememberUserDuration () | |
Returns the duration (in seconds) for which users will be remembered when Session::setRememberUser() is set. | |
getRestrictions (?array $providerMetadata) | |
Fetch any restrictions imposed on logins or actions when this session is active. | |
getVaryCookies () | |
Return the list of cookies that need varying on. | |
getVaryHeaders () | |
Return the HTTP headers that need varying on. | |
init (LoggerInterface $logger, Config $config, SessionManager $manager, HookContainer $hookContainer, UserNameUtils $userNameUtils) | |
Initialise with dependencies of a SessionProvider. | |
invalidateSessionsForUser (User $user) | |
Invalidate existing sessions for a user. | |
mergeMetadata (array $savedMetadata, array $providedMetadata) | |
Merge saved session provider metadata. | |
newSessionInfo ( $id=null) | |
Provide session info for a new, empty session. | |
preventSessionsForUser ( $username) | |
Prevent future sessions for the user. | |
refreshSessionInfo (SessionInfo $info, WebRequest $request, &$metadata) | |
Validate a loaded SessionInfo and refresh provider metadata. | |
safeAgainstCsrf () | |
Most session providers require protection against CSRF attacks (usually via CSRF tokens) | |
sessionIdWasReset (SessionBackend $session, $oldId) | |
Notification that the session ID was reset. | |
setConfig (Config $config) | |
Set configuration. | |
setHookContainer ( $hookContainer) | |
setLogger (LoggerInterface $logger) | |
Sets a logger instance on the object. | |
setManager (SessionManager $manager) | |
Set the session manager. | |
suggestLoginUsername (WebRequest $request) | |
Get a suggested username for the login form. | |
whyNoSession () | |
Return a Message for why sessions might not be being persisted.For example, "check whether you're blocking our cookies".
| |
Additional Inherited Members | |
Protected Member Functions inherited from MediaWiki\Session\SessionProvider | |
describeMessage () | |
Return a Message identifying this session type. | |
getConfig () | |
Get the config. | |
getHookContainer () | |
Get the HookContainer. | |
getHookRunner () | |
Get the HookRunner. | |
hashToSessionId ( $data, $key=null) | |
Hash data as a session ID. | |
makeException ( $key,... $params) | |
Throw an exception, later. | |
postInitSetup () | |
A provider can override this to do any necessary setup after init() is called. | |
Protected Attributes inherited from MediaWiki\Session\SessionProvider | |
Config | $config |
LoggerInterface | $logger |
SessionManager | $manager |
int | $priority |
Session priority. | |
UserNameUtils | $userNameUtils |
Definition at line 33 of file InstallerSessionProvider.php.
MediaWiki\Installer\InstallerSessionProvider::canChangeUser | ( | ) |
Sure, you can be whoever you want, as long as you have ID 0.
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 58 of file InstallerSessionProvider.php.
MediaWiki\Installer\InstallerSessionProvider::persistSession | ( | SessionBackend | $session, |
WebRequest | $request ) |
Persist a session into a request/response.
For example, you might set cookies for the session's ID, user ID, user name, and user token on the passed request.
To correctly persist a user independently of the session ID, the provider should persist both the user ID (or name, but preferably the ID) and the user token. When reading the data from the request, it should construct a User object from the ID/name and then verify that the User object's token matches the token included in the request. Should the tokens not match, an anonymous user must be passed to SessionInfo::__construct().
When persisting a user independently of the session ID, $session->shouldRememberUser() should be checked first. If this returns false, the user token must not be saved to cookies. The user name and/or ID may be persisted, and should be used to construct an unverified UserInfo to pass to SessionInfo::__construct().
A backend that cannot persist session ID or user info should implement this as a no-op.
SessionBackend | $session | Session to persist |
WebRequest | $request | Request into which to persist the session |
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 62 of file InstallerSessionProvider.php.
MediaWiki\Installer\InstallerSessionProvider::persistsSessionId | ( | ) |
Yes we will treat your data with great care!
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 50 of file InstallerSessionProvider.php.
MediaWiki\Installer\InstallerSessionProvider::provideSessionInfo | ( | WebRequest | $request | ) |
Pretend there is a session, to avoid MWCryptRand overhead.
WebRequest | $request |
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 39 of file InstallerSessionProvider.php.
MediaWiki\Installer\InstallerSessionProvider::unpersistSession | ( | WebRequest | $request | ) |
Remove any persisted session from a request/response.
For example, blank and expire any cookies set by self::persistSession().
A backend that cannot persist session ID or user info should implement this as a no-op.
WebRequest | $request | Request from which to remove any session data |
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 65 of file InstallerSessionProvider.php.