MediaWiki  master
MediaWiki\Session\CookieSessionProvider Class Reference

A CookieSessionProvider persists sessions using cookies. More...

Inheritance diagram for MediaWiki\Session\CookieSessionProvider:
Collaboration diagram for MediaWiki\Session\CookieSessionProvider:

Public Member Functions

 __construct ( $params=[])
 canChangeUser ()
 getRememberUserDuration ()
 getVaryCookies ()
 persistSession (SessionBackend $session, WebRequest $request)
 persistsSessionId ()
 provideSessionInfo (WebRequest $request)
 setConfig (Config $config)
 suggestLoginUsername (WebRequest $request)
 unpersistSession (WebRequest $request)
 whyNoSession ()
 Return a Message for why sessions might not be being persisted. More...
- Public Member Functions inherited from MediaWiki\Session\SessionProvider
 __construct ()
 __toString ()
 canChangeUser ()
 Indicate whether the user associated with the request can be changed. More...
 describe (Language $lang)
 Return an identifier for this session type. More...
 getAllowedUserRights (SessionBackend $backend)
 Fetch the rights allowed the user when the specified session is active. More...
 getManager ()
 Get the session manager. More...
 getRememberUserDuration ()
 Returns the duration (in seconds) for which users will be remembered when Session::setRememberUser() is set. More...
 getVaryCookies ()
 Return the list of cookies that need varying on. More...
 getVaryHeaders ()
 Return the HTTP headers that need varying on. More...
 invalidateSessionsForUser (User $user)
 Invalidate existing sessions for a user. More...
 mergeMetadata (array $savedMetadata, array $providedMetadata)
 Merge saved session provider metadata. More...
 newSessionInfo ( $id=null)
 Provide session info for a new, empty session. More...
 persistSession (SessionBackend $session, WebRequest $request)
 Persist a session into a request/response. More...
 persistsSessionId ()
 Indicate whether self::persistSession() can save arbitrary session IDs. More...
 preventSessionsForUser ( $username)
 Prevent future sessions for the user. More...
 provideSessionInfo (WebRequest $request)
 Provide session info for a request. More...
 refreshSessionInfo (SessionInfo $info, WebRequest $request, &$metadata)
 Validate a loaded SessionInfo and refresh provider metadata. More...
 sessionIdWasReset (SessionBackend $session, $oldId)
 Notification that the session ID was reset. More...
 setConfig (Config $config)
 Set configuration. More...
 setLogger (LoggerInterface $logger)
 setManager (SessionManager $manager)
 Set the session manager. More...
 suggestLoginUsername (WebRequest $request)
 Get a suggested username for the login form. More...
 unpersistSession (WebRequest $request)
 Remove any persisted session from a request/response. More...
 whyNoSession ()
 Return a Message for why sessions might not be being persisted. More...

Protected Member Functions

 cookieDataToExport ( $user, $remember)
 Return the data to store in cookies. More...
 getCookie ( $request, $key, $prefix, $default=null)
 Get a cookie. More...
 getExtendedLoginCookies ()
 Gets the list of cookies that must be set to the 'remember me' duration, if $wgExtendedLoginCookieExpiration is in use. More...
 getLoginCookieExpiration ( $cookieName, $shouldRememberUser)
 Returns the lifespan of the login cookies, in seconds. More...
 getUserInfoFromCookies ( $request)
 Fetch the user identity from cookies. More...
 sessionDataToExport ( $user)
 Return extra data to store in the session. More...
 setForceHTTPSCookie ( $set, SessionBackend $backend=null, WebRequest $request)
 Set the "forceHTTPS" cookie. More...
 setLoggedOutCookie ( $loggedOut, WebRequest $request)
 Set the "logged out" cookie. More...
- Protected Member Functions inherited from MediaWiki\Session\SessionProvider
 describeMessage ()
 Return a Message identifying this session type. More...
 hashToSessionId ( $data, $key=null)
 Hash data as a session ID. More...

Protected Attributes

mixed [] $cookieOptions = []
mixed [] $params = []
- Protected Attributes inherited from MediaWiki\Session\SessionProvider
Config $config
LoggerInterface $logger
SessionManager $manager
int $priority
 Session priority. More...

Detailed Description

A CookieSessionProvider persists sessions using cookies.


Definition at line 36 of file CookieSessionProvider.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Session\CookieSessionProvider::__construct (   $params = [])
array$paramsKeys include:
  • priority: (required) Priority of the returned sessions
  • callUserSetCookiesHook: Whether to call the deprecated hook
  • sessionName: Session cookie name. Doesn't honor 'prefix'. Defaults to $wgSessionName, or $wgCookiePrefix . '_session' if that is unset.
  • cookieOptions: Options to pass to WebRequest::setCookie():
    • prefix: Cookie prefix, defaults to $wgCookiePrefix
    • path: Cookie path, defaults to $wgCookiePath
    • domain: Cookie domain, defaults to $wgCookieDomain
    • secure: Cookie secure flag, defaults to $wgCookieSecure
    • httpOnly: Cookie httpOnly flag, defaults to $wgCookieHttpOnly

Definition at line 57 of file CookieSessionProvider.php.

References MediaWiki\Session\CookieSessionProvider\$params, MediaWiki\Session\SessionInfo\MAX_PRIORITY, and MediaWiki\Session\SessionInfo\MIN_PRIORITY.

Member Function Documentation

◆ canChangeUser()

MediaWiki\Session\CookieSessionProvider::canChangeUser ( )

Definition at line 187 of file CookieSessionProvider.php.

◆ cookieDataToExport()

MediaWiki\Session\CookieSessionProvider::cookieDataToExport (   $user,

Return the data to store in cookies.

array $cookies Set value false to unset the cookie

Definition at line 367 of file CookieSessionProvider.php.

References $user, and string.

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession().

◆ getCookie()

MediaWiki\Session\CookieSessionProvider::getCookie (   $request,
  $default = null 

Get a cookie.

Contains an auth-specific hack.

mixed | null$default

Definition at line 348 of file CookieSessionProvider.php.

References $request, $value, and null.

Referenced by MediaWiki\Session\CookieSessionProvider\getUserInfoFromCookies(), MediaWiki\Session\CookieSessionProvider\provideSessionInfo(), MediaWiki\Session\CookieSessionProvider\setLoggedOutCookie(), and MediaWiki\Session\CookieSessionProvider\suggestLoginUsername().

◆ getExtendedLoginCookies()

MediaWiki\Session\CookieSessionProvider::getExtendedLoginCookies ( )

Gets the list of cookies that must be set to the 'remember me' duration, if $wgExtendedLoginCookieExpiration is in use.

string[] Array of unprefixed cookie keys

Definition at line 416 of file CookieSessionProvider.php.

Referenced by MediaWiki\Session\CookieSessionProvider\getLoginCookieExpiration().

◆ getLoginCookieExpiration()

MediaWiki\Session\CookieSessionProvider::getLoginCookieExpiration (   $cookieName,

Returns the lifespan of the login cookies, in seconds.

0 means until the end of the session.

Cookies that are session-length do not call this function.

bool$shouldRememberUserWhether the user should be remembered long-term
int Cookie expiration time in seconds; 0 for session cookies

Definition at line 430 of file CookieSessionProvider.php.

References MediaWiki\Session\CookieSessionProvider\getExtendedLoginCookies(), and null.

Referenced by MediaWiki\Session\CookieSessionProvider\getRememberUserDuration(), MediaWiki\Session\CookieSessionProvider\persistSession(), and MediaWiki\Session\CookieSessionProvider\setForceHTTPSCookie().

◆ getRememberUserDuration()

MediaWiki\Session\CookieSessionProvider::getRememberUserDuration ( )

◆ getUserInfoFromCookies()

MediaWiki\Session\CookieSessionProvider::getUserInfoFromCookies (   $request)

Fetch the user identity from cookies.

array (string|null $id, string|null $username, string|null $token)

Definition at line 331 of file CookieSessionProvider.php.

References $request, and MediaWiki\Session\CookieSessionProvider\getCookie().

Referenced by MediaWiki\Session\CookieSessionProvider\provideSessionInfo().

◆ getVaryCookies()

MediaWiki\Session\CookieSessionProvider::getVaryCookies ( )

Definition at line 307 of file CookieSessionProvider.php.

◆ persistSession()

◆ persistsSessionId()

MediaWiki\Session\CookieSessionProvider::persistsSessionId ( )

Definition at line 183 of file CookieSessionProvider.php.

◆ provideSessionInfo()

◆ sessionDataToExport()

MediaWiki\Session\CookieSessionProvider::sessionDataToExport (   $user)

Return extra data to store in the session.

array $session

Definition at line 387 of file CookieSessionProvider.php.

References $user.

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession().

◆ setConfig()

MediaWiki\Session\CookieSessionProvider::setConfig ( Config  $config)

Definition at line 86 of file CookieSessionProvider.php.

References Config\get().

◆ setForceHTTPSCookie()

MediaWiki\Session\CookieSessionProvider::setForceHTTPSCookie (   $set,
SessionBackend  $backend = null,
WebRequest  $request 

Set the "forceHTTPS" cookie.

bool$setWhether the cookie should be set or not
SessionBackend | null$backend

Definition at line 271 of file CookieSessionProvider.php.

References $response, MediaWiki\Session\CookieSessionProvider\getLoginCookieExpiration(), null, and WebRequest\response().

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession(), and MediaWiki\Session\CookieSessionProvider\unpersistSession().

◆ setLoggedOutCookie()

MediaWiki\Session\CookieSessionProvider::setLoggedOutCookie (   $loggedOut,
WebRequest  $request 

Set the "logged out" cookie.


Definition at line 298 of file CookieSessionProvider.php.

References MediaWiki\Session\CookieSessionProvider\getCookie(), and WebRequest\response().

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession().

◆ suggestLoginUsername()

MediaWiki\Session\CookieSessionProvider::suggestLoginUsername ( WebRequest  $request)

◆ unpersistSession()

MediaWiki\Session\CookieSessionProvider::unpersistSession ( WebRequest  $request)

◆ whyNoSession()

MediaWiki\Session\CookieSessionProvider::whyNoSession ( )

Return a Message for why sessions might not be being persisted.

For example, "check whether you're blocking our cookies".


Implements MediaWiki\Session\SessionProviderInterface.

Definition at line 401 of file CookieSessionProvider.php.

References wfMessage().

Member Data Documentation

◆ $cookieOptions

mixed [] MediaWiki\Session\CookieSessionProvider::$cookieOptions = []

◆ $params

mixed [] MediaWiki\Session\CookieSessionProvider::$params = []

The documentation for this class was generated from the following file: