Added Grav\Framework\Session class to replace `RocketTheme\Toolbox\…
…Session\Session`

Improved session handling, allow all session configuration options in `system.session.options`
mahagr committed Mar 21, 2018
1 parent df18562 commit f31f7f0
Showing 4 changed files with 405 additions and 73 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
@@ -2,9 +2,11 @@
## mm/dd/2018

1. [](#new)
* Added `Grav\Framework\Session` class to replace `RocketTheme\Toolbox\Session\Session`
* Added new `|nicefilesize` Twig filter for pretty file (auto converts to bytes, kB, MB, GB, etc)
* Added new `regex_filter()` Twig function to values in arrays
1. [](#improved)
* Improved session handling, allow all session configuration options in `system.session.options`
* Added bosnian to lang codes [#1917](https://github.com/getgrav/grav/issues/1917)
* Improved Zip extraction error codes [#1922](https://github.com/getgrav/grav/issues/1922)
1. [](#bugfix)
47 changes: 27 additions & 20 deletions system/src/Grav/Common/Service/SessionServiceProvider.php
@@ -29,21 +29,22 @@ public function register(Container $container)
/** @var Uri $uri */
$uri = $c['uri'];

// Get session parameters.
$session_timeout = (int)$config->get('system.session.timeout', 1800);
$session_path = $config->get('system.session.path');
if (null === $session_path) {
$session_path = '/' . ltrim(Uri::filterPath($uri->rootUrl(false)), '/');
}
$domain = $uri->host();
if ($domain === 'localhost') {
$domain = '';
}

// Get session options.
$secure = (bool)$config->get('system.session.secure', false);
$httponly = (bool)$config->get('system.session.httponly', true);
$enabled = (bool)$config->get('system.session.enabled', false);
$cookie_secure = (bool)$config->get('system.session.secure', false);
$cookie_httponly = (bool)$config->get('system.session.httponly', true);
$cookie_lifetime = (int)$config->get('system.session.timeout', 1800);
$cookie_path = $config->get('system.session.path');
if (null === $cookie_path) {
$cookie_path = '/' . trim(Uri::filterPath($uri->rootUrl(false)), '/');
}
// Session cookie path requires trailing slash.
$cookie_path = rtrim($cookie_path, '/') . '/';

$cookie_domain = $uri->host();
if ($cookie_domain === 'localhost') {
$cookie_domain = '';
}

// Activate admin if we're inside the admin path.
$is_admin = false;
@@ -56,14 +57,14 @@ public function register(Container $container)
// Check no language, simple language prefix (en) and region specific language prefix (en-US).
$pos = strpos($current_route, $base);
if ($pos === 0 || $pos === 3 || $pos === 6) {
$session_timeout = $config->get('plugins.admin.session.timeout', 1800);
$cookie_lifetime = $config->get('plugins.admin.session.timeout', 1800);
$enabled = $is_admin = true;
}
}

// Fix for HUGE session timeouts.
if ($session_timeout > 99999999999) {
$session_timeout = 9999999999;
if ($cookie_lifetime > 99999999999) {
$cookie_lifetime = 9999999999;
}

$inflector = new Inflector();
@@ -73,10 +74,16 @@ public function register(Container $container)
}

// Define session service.
$session = new Session($session_timeout, $session_path, $domain);
$session->setName($session_name);
$session->setSecure($secure);
$session->setHttpOnly($httponly);
$options = [
'name' => $session_name,
'cookie_lifetime' => $cookie_lifetime,
'cookie_path' => $cookie_path,
'cookie_domain' => $cookie_domain,
'cookie_secure' => $cookie_secure,
'cookie_httponly' => $cookie_httponly
] + (array) $config->get('system.session.options');

$session = new Session($options);
$session->setAutoStart($enabled);

return $session;
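Review bot: The admin branch assigns `$cookie_lifetime = $config->get('plugins.admin.session.timeout', 1800);` without the `(int)` cast used for `system.session.timeout`, so a string or other non-integer config value reaches the `cookie_lifetime` option unchanged; `(int)$config->get('plugins.admin.session.timeout', 1800)` would keep both paths consistent. The clamp just below tests `> 99999999999` but assigns `9999999999`, so values between those two numbers pass through unclamped, which looks unintended. In the `$options` array the `+` union makes the explicit keys win over `system.session.options`, so `cookie_secure` and `cookie_httponly` cannot be overridden from that config key. A comment such as `// Explicit cookie settings take precedence; system.session.options only supplies keys not set above.` would keep a later switch to `array_merge()` from silently reversing that. `register()` begins and ends outside the visible hunks.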
54 changes: 1 addition & 53 deletions system/src/Grav/Common/Session.php
@@ -8,36 +8,11 @@

namespace Grav\Common;

use RocketTheme\Toolbox\Session\Session as BaseSession;

class Session extends BaseSession
class Session extends \Grav\Framework\Session\Session
{
/** @var bool */
protected $autoStart = false;

protected $lifetime;
protected $path;
protected $domain;
protected $secure;
protected $httpOnly;

/**
* @param int $lifetime Defaults to 1800 seconds.
* @param string $path Cookie path.
* @param string $domain Optional, domain for the session
* @throws \RuntimeException
*/
public function __construct($lifetime, $path, $domain = null)
{
$this->lifetime = $lifetime;
$this->path = $path;
$this->domain = $domain;

if (php_sapi_name() !== 'cli') {
parent::__construct($lifetime, $path, $domain);
}
}

/**
* Initialize session.
*
@@ -48,9 +23,6 @@ public function init()
if ($this->autoStart) {
$this->start();

// TODO: This setcookie shouldn't be here, session should by itself be able to update its cookie.
setcookie(session_name(), session_id(), $this->lifetime ? time() + $this->lifetime : 0, $this->path, $this->domain, $this->secure, $this->httpOnly);

$this->autoStart = false;
}
}
@@ -66,30 +38,6 @@ public function setAutoStart($auto)
return $this;
}

/**
* @param bool $secure
* @return $this
*/
public function setSecure($secure)
{
$this->secure = $secure;
ini_set('session.cookie_secure', (bool)$secure);

return $this;
}

/**
* @param bool $httpOnly
* @return $this
*/
public function setHttpOnly($httpOnly)
{
$this->httpOnly = $httpOnly;
ini_set('session.cookie_httponly', (bool)$httpOnly);

return $this;
}

/**
* Store something in session temporarily.
*
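Review bot: Removing `setSecure()` and `setHttpOnly()` drops two public methods from `Grav\Common\Session` with no deprecated shim, so a plugin that still calls them to harden the cookie will fail unless `\Grav\Framework\Session\Session` provides equivalents, which this section does not show. The deleted constructor also skipped the parent constructor when `php_sapi_name()` returned `cli`, and `init()` no longer re-sends the cookie through `setcookie()`. Both behaviours now rest entirely on the new base class, so it is worth confirming there that CLI runs do not touch session settings and that the cookie's expiry and `secure`/`httponly` flags are still applied when the session starts. A class docblock stating that cookie flags are now supplied only through the constructor options would make that contract explicit for callers.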