MediaWiki  master
MediaWiki\Session\ImmutableSessionProviderWithCookie Class Reference

An ImmutableSessionProviderWithCookie doesn't persist the user, but optionally can use a cookie to support multiple IDs per session. More...

Inheritance diagram for MediaWiki\Session\ImmutableSessionProviderWithCookie:
Collaboration diagram for MediaWiki\Session\ImmutableSessionProviderWithCookie:

Public Member Functions

 __construct ( $params=[])
 
 canChangeUser ()
 
 getVaryCookies ()
 
 persistSession (SessionBackend $session, WebRequest $request)
 
 persistsSessionId ()
 
 unpersistSession (WebRequest $request)
 
 whyNoSession ()
 Return a Message for why sessions might not be being persisted. More...
 
- Public Member Functions inherited from MediaWiki\Session\SessionProvider
 __construct ()
 
 __toString ()
 
 canChangeUser ()
 Indicate whether the user associated with the request can be changed. More...
 
 describe (Language $lang)
 Return an identifier for this session type. More...
 
 getAllowedUserRights (SessionBackend $backend)
 Fetch the rights allowed the user when the specified session is active. More...
 
 getManager ()
 Get the session manager. More...
 
 getRememberUserDuration ()
 Returns the duration (in seconds) for which users will be remembered when Session::setRememberUser() is set. More...
 
 getVaryCookies ()
 Return the list of cookies that need varying on. More...
 
 getVaryHeaders ()
 Return the HTTP headers that need varying on. More...
 
 invalidateSessionsForUser (User $user)
 Invalidate existing sessions for a user. More...
 
 mergeMetadata (array $savedMetadata, array $providedMetadata)
 Merge saved session provider metadata. More...
 
 newSessionInfo ( $id=null)
 Provide session info for a new, empty session. More...
 
 persistSession (SessionBackend $session, WebRequest $request)
 Persist a session into a request/response. More...
 
 persistsSessionId ()
 Indicate whether self::persistSession() can save arbitrary session IDs. More...
 
 preventSessionsForUser ( $username)
 Prevent future sessions for the user. More...
 
 provideSessionInfo (WebRequest $request)
 Provide session info for a request. More...
 
 refreshSessionInfo (SessionInfo $info, WebRequest $request, &$metadata)
 Validate a loaded SessionInfo and refresh provider metadata. More...
 
 sessionIdWasReset (SessionBackend $session, $oldId)
 Notification that the session ID was reset. More...
 
 setConfig (Config $config)
 Set configuration. More...
 
 setLogger (LoggerInterface $logger)
 
 setManager (SessionManager $manager)
 Set the session manager. More...
 
 suggestLoginUsername (WebRequest $request)
 Get a suggested username for the login form. More...
 
 unpersistSession (WebRequest $request)
 Remove any persisted session from a request/response. More...
 
 whyNoSession ()
 Return a Message for why sessions might not be being persisted. More...
 

Protected Member Functions

 getSessionIdFromCookie (WebRequest $request)
 Get the session ID from the cookie, if any. More...
 
- Protected Member Functions inherited from MediaWiki\Session\SessionProvider
 describeMessage ()
 Return a Message identifying this session type. More...
 
 hashToSessionId ( $data, $key=null)
 Hash data as a session ID. More...
 

Protected Attributes

string null $sessionCookieName = null
 
mixed [] $sessionCookieOptions = []
 
- Protected Attributes inherited from MediaWiki\Session\SessionProvider
Config $config
 
LoggerInterface $logger
 
SessionManager $manager
 
int $priority
 Session priority. More...
 

Detailed Description

An ImmutableSessionProviderWithCookie doesn't persist the user, but optionally can use a cookie to support multiple IDs per session.

As mentioned in the documentation for SessionProvider, many methods that are technically "cannot persist ID" could be turned into "can persist ID but not changing User" using a session cookie. This class implements such an optional session cookie.

Since
1.27

Definition at line 40 of file ImmutableSessionProviderWithCookie.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Session\ImmutableSessionProviderWithCookie::__construct (   $params = [])
Parameters
array$paramsKeys include:
  • sessionCookieName: Session cookie name, if multiple sessions per client are to be supported.
  • sessionCookieOptions: Options to pass to WebResponse::setCookie().

Definition at line 53 of file ImmutableSessionProviderWithCookie.php.

Member Function Documentation

◆ canChangeUser()

MediaWiki\Session\ImmutableSessionProviderWithCookie::canChangeUser ( )

Definition at line 97 of file ImmutableSessionProviderWithCookie.php.

◆ getSessionIdFromCookie()

MediaWiki\Session\ImmutableSessionProviderWithCookie::getSessionIdFromCookie ( WebRequest  $request)
protected

Get the session ID from the cookie, if any.

Only call this if $this->sessionCookieName !== null. If sessionCookieName is null, do some logic (probably involving a call to $this->hashToSessionId()) to create the single session ID corresponding to this WebRequest instead of calling this method.

Parameters
WebRequest$request
Returns
string|null

Definition at line 81 of file ImmutableSessionProviderWithCookie.php.

References WebRequest\getCookie(), and MediaWiki\Session\SessionManager\validateSessionId().

Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest(), and MediaWiki\Session\Session\BotPasswordSessionProvider\provideSessionInfo().

◆ getVaryCookies()

MediaWiki\Session\ImmutableSessionProviderWithCookie::getVaryCookies ( )

◆ persistSession()

◆ persistsSessionId()

MediaWiki\Session\ImmutableSessionProviderWithCookie::persistsSessionId ( )

Definition at line 93 of file ImmutableSessionProviderWithCookie.php.

◆ unpersistSession()

MediaWiki\Session\ImmutableSessionProviderWithCookie::unpersistSession ( WebRequest  $request)

Definition at line 123 of file ImmutableSessionProviderWithCookie.php.

References $response, and WebRequest\response().

◆ whyNoSession()

MediaWiki\Session\ImmutableSessionProviderWithCookie::whyNoSession ( )

Return a Message for why sessions might not be being persisted.

For example, "check whether you're blocking our cookies".

Returns
Message|null

Implements MediaWiki\Session\SessionProviderInterface.

Definition at line 147 of file ImmutableSessionProviderWithCookie.php.

References wfMessage().

Member Data Documentation

◆ $sessionCookieName

string null MediaWiki\Session\ImmutableSessionProviderWithCookie::$sessionCookieName = null
protected

◆ $sessionCookieOptions

mixed [] MediaWiki\Session\ImmutableSessionProviderWithCookie::$sessionCookieOptions = []
protected

The documentation for this class was generated from the following file: