‪TYPO3CMS  11.5
Public Member Functions | Static Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Core\Session\UserSessionManager Class Reference
Inheritance diagram for TYPO3\CMS\Core\Session\UserSessionManager:

Public Member Functions

 __construct (SessionBackendInterface $sessionBackend, int $sessionLifetime, IpLocker $ipLocker, string $loginType)
 
UserSession createFromRequestOrAnonymous (ServerRequestInterface $request, string $cookieName)
 
UserSession createFromGlobalCookieOrAnonymous (string $cookieName)
 
UserSession createAnonymousSession ()
 
UserSession createSessionFromStorage (string $sessionId)
 
bool hasExpired (UserSession $session)
 
bool willExpire (UserSession $session, int $gracePeriod)
 
UserSession fixateAnonymousSession (UserSession $session, bool $isPermanent=false)
 
UserSession elevateToFixatedUserSession (UserSession $session, int $userId, bool $isPermanent=false)
 
UserSession regenerateSession (string $sessionId, array $existingSessionRecord=[], bool $anonymous=false)
 
UserSession updateSessionTimestamp (UserSession $session)
 
 isSessionPersisted (UserSession $session)
 
 removeSession (UserSession $session)
 
 updateSession (UserSession $session)
 
 collectGarbage (int $garbageCollectionProbability=1)
 

Static Public Member Functions

static static create (string $loginType, int $sessionLifetime=null, SessionManager $sessionManager=null, IpLocker $ipLocker=null)
 

Protected Member Functions

 setGarbageCollectionTimeoutForAnonymousSessions (int $garbageCollectionForAnonymousSessions=0)
 
string createSessionId ()
 
 getNormalizedParams ()
 
UserSession null getSessionFromSessionId (string $id)
 
UserSession recreateUserSession (UserSession $session, array $sessionRecord=null)
 

Protected Attributes

const SESSION_ID_LENGTH = 32
 
const GARBAGE_COLLECTION_LIFETIME = 86400
 
const LIFETIME_OF_ANONYMOUS_SESSION_DATA = 86400
 
int $sessionLifetime
 
int $garbageCollectionForAnonymousSessions = self::LIFETIME_OF_ANONYMOUS_SESSION_DATA
 
SessionBackendInterface $sessionBackend
 
IpLocker $ipLocker
 
string $loginType
 

Detailed Description

The purpose of the UserSessionManager is to create new user session objects (acting as a factory), depending on the need / request, and to fetch sessions from the Session Backend, effectively encapsulating all calls to the SessionManager

Definition at line 37 of file UserSessionManager.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Session\UserSessionManager::__construct ( SessionBackendInterface  $sessionBackend,
int  $sessionLifetime,
IpLocker  $ipLocker,
string  $loginType 
)

Constructor. Marked as internal, as it is recommended to use the factory method "create"

Parameters
SessionBackendInterface$sessionBackend
int$sessionLifetime
IpLocker$ipLocker

Definition at line 69 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSessionManager\$ipLocker, TYPO3\CMS\Core\Session\UserSessionManager\$loginType, TYPO3\CMS\Core\Session\UserSessionManager\$sessionBackend, and TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime.

Member Function Documentation

◆ collectGarbage()

TYPO3\CMS\Core\Session\UserSessionManager::collectGarbage ( int  $garbageCollectionProbability = 1)

Definition at line 282 of file UserSessionManager.php.

◆ create()

static static TYPO3\CMS\Core\Session\UserSessionManager::create ( string  $loginType,
int  $sessionLifetime = null,
SessionManager  $sessionManager = null,
IpLocker  $ipLocker = null 
)
static

Create a UserSessionManager instance for the given login type. Has several optional arguments used for testing purposes to inject dummy objects if needed.

Ideally, this factory encapsulates all "TYPO3_CONF_VARS" options, so the actual object does not need to consider any global state.

Parameters
string$loginType
int | null$sessionLifetime
SessionManager | null$sessionManager
IpLocker | null$ipLocker
Returns
‪static

Definition at line 392 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSessionManager\$ipLocker, TYPO3\CMS\Core\Session\UserSessionManager\$loginType, and TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\initializeUserSessionManager(), TYPO3\CMS\Backend\Controller\AjaxLoginController\isTimedOutAction(), TYPO3\CMS\Frontend\Middleware\FrontendUserAuthenticator\sessionGarbageCollection(), and TYPO3\CMS\Backend\Middleware\BackendUserAuthenticator\sessionGarbageCollection().

◆ createAnonymousSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::createAnonymousSession ( )

Creates a non-fixated session without a user logged in

Returns
UserSession

Definition at line 116 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createNonFixated(), and TYPO3\CMS\Core\Session\UserSessionManager\createSessionId().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\createFromGlobalCookieOrAnonymous(), and TYPO3\CMS\Core\Session\UserSessionManager\createFromRequestOrAnonymous().

◆ createFromGlobalCookieOrAnonymous()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::createFromGlobalCookieOrAnonymous ( string  $cookieName)

sessionId is set to ses_id if a cookie is present in $_COOKIE. Otherwise a new anonymous session will start.

Parameters
string$cookieName
Returns
UserSession

Definition at line 105 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSessionManager\createAnonymousSession(), and TYPO3\CMS\Core\Session\UserSessionManager\getSessionFromSessionId().

◆ createFromRequestOrAnonymous()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::createFromRequestOrAnonymous ( ServerRequestInterface  $request,
string  $cookieName 
)

sessionId is set to ses_id if a cookie is present in the request. Otherwise a new anonymous session will start.

Parameters
ServerRequestInterface$request
string$cookieName
Returns
UserSession

Definition at line 92 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSessionManager\createAnonymousSession(), and TYPO3\CMS\Core\Session\UserSessionManager\getSessionFromSessionId().

◆ createSessionFromStorage()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::createSessionFromStorage ( string  $sessionId)

Creates a new user session object from an existing session data.

Parameters
string$sessionId‪The session id to be looked up in the session backend
Returns
UserSession The created user session object

this is only used as a bridge for existing methods, might be removed or renamed without further notice

Definition at line 129 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), and TYPO3\CMS\Core\Session\UserSession\get().

◆ createSessionId()

string TYPO3\CMS\Core\Session\UserSessionManager::createSessionId ( )
protected

Creates a new session ID using a random with SESSION_ID_LENGTH as length of the random part

Returns
‪string

Definition at line 298 of file UserSessionManager.php.

References $GLOBALS, and TYPO3\CMS\Core\Session\UserSessionManager\getNormalizedParams().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\createAnonymousSession(), and TYPO3\CMS\Core\Session\UserSessionManager\regenerateSession().

◆ elevateToFixatedUserSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::elevateToFixatedUserSession ( UserSession  $session,
int  $userId,
bool  $isPermanent = false 
)

Removes existing entries, creates and returns a new user session record

Parameters
UserSession$session‪The user session to recreate
int$userId‪The user id the session belongs to
bool$isPermanent‪If TRUE, the session will get the is_permanent flag
Returns
UserSession The newly created user session object
Exceptions
Backend

Definition at line 195 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSession\createFromRecord(), and TYPO3\CMS\Core\Session\UserSession\getIdentifier().

◆ fixateAnonymousSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::fixateAnonymousSession ( UserSession  $session,
bool  $isPermanent = false 
)

Persists an anonymous session without a user logged in, in order to store session data between requests.

Parameters
UserSession$session‪The user session to fixate
bool$isPermanent‪If TRUE, the session will get the is_permanent flag
Returns
UserSession a new session object with an updated ses_tstamp (allowing to keep the session alive)
Exceptions
Backend

Definition at line 170 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), TYPO3\CMS\Core\Session\UserSessionManager\recreateUserSession(), and TYPO3\CMS\Core\Session\UserSession\toArray().

◆ getNormalizedParams()

TYPO3\CMS\Core\Session\UserSessionManager::getNormalizedParams ( )
protected
Todo:
‪/notes for backports: Same as in typo3/sysext/core/Classes/Hooks/CreateSiteConfiguration.php,

Definition at line 312 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Http\NormalizedParams\createFromServerParams(), and TYPO3\CMS\Core\Core\Environment\isCli().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\createSessionId(), and TYPO3\CMS\Core\Session\UserSessionManager\getSessionFromSessionId().

◆ getSessionFromSessionId()

UserSession null TYPO3\CMS\Core\Session\UserSessionManager::getSessionFromSessionId ( string  $id)
protected

Tries to fetch a user session form the session backend. If non is given, an anonymous session will be created.

Parameters
string$id
Returns
‪UserSession|null The created user session object or null

Definition at line 335 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSession\createFromRecord(), and TYPO3\CMS\Core\Session\UserSessionManager\getNormalizedParams().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\createFromGlobalCookieOrAnonymous(), TYPO3\CMS\Core\Session\UserSessionManager\createFromRequestOrAnonymous(), and TYPO3\CMS\Core\Session\UserSessionManager\isSessionPersisted().

◆ hasExpired()

bool TYPO3\CMS\Core\Session\UserSessionManager::hasExpired ( UserSession  $session)

Check if a session has expired. This is the case if sessionLifetime is 0, or current time greater than sessionLifetime plus last update time of the session.

Parameters
UserSession$session
Returns
‪bool

Definition at line 143 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime, and TYPO3\CMS\Core\Session\UserSession\getLastUpdated().

◆ isSessionPersisted()

TYPO3\CMS\Core\Session\UserSessionManager::isSessionPersisted ( UserSession  $session)

Definition at line 266 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), and TYPO3\CMS\Core\Session\UserSessionManager\getSessionFromSessionId().

◆ recreateUserSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::recreateUserSession ( UserSession  $session,
array  $sessionRecord = null 
)
protected

Recreates UserSession object from existing session data - keeping new state. This method shall be used to reflect updated low-level session data in corresponding UserSession object.

Parameters
UserSession$session
array | null$sessionRecord
Returns
UserSession
Exceptions
SessionNotFoundException

Definition at line 428 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), TYPO3\CMS\Core\Session\UserSession\getIdentifier(), and TYPO3\CMS\Core\Session\UserSession\isNew().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\fixateAnonymousSession(), TYPO3\CMS\Core\Session\UserSessionManager\updateSession(), and TYPO3\CMS\Core\Session\UserSessionManager\updateSessionTimestamp().

◆ regenerateSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::regenerateSession ( string  $sessionId,
array  $existingSessionRecord = [],
bool  $anonymous = false 
)

Regenerate the session ID and transfer the session to new ID Call this method whenever a user proceeds to a higher authorization level e.g. when an anonymous session is now authenticated.

Parameters
string$sessionId‪The session id
array$existingSessionRecord‪If given, this session record will be used instead of fetching again
bool$anonymous‪If true session will be regenerated as anonymous session
Returns
UserSession
Exceptions
Backend

Definition at line 229 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), TYPO3\CMS\Core\Session\UserSessionManager\createSessionId(), and TYPO3\CMS\Core\Session\UserSession\get().

◆ removeSession()

TYPO3\CMS\Core\Session\UserSessionManager::removeSession ( UserSession  $session)

Definition at line 271 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier().

◆ setGarbageCollectionTimeoutForAnonymousSessions()

TYPO3\CMS\Core\Session\UserSessionManager::setGarbageCollectionTimeoutForAnonymousSessions ( int  $garbageCollectionForAnonymousSessions = 0)
protected

Definition at line 77 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSessionManager\$garbageCollectionForAnonymousSessions.

◆ updateSession()

TYPO3\CMS\Core\Session\UserSessionManager::updateSession ( UserSession  $session)

Definition at line 276 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), TYPO3\CMS\Core\Session\UserSessionManager\recreateUserSession(), and TYPO3\CMS\Core\Session\UserSession\toArray().

◆ updateSessionTimestamp()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::updateSessionTimestamp ( UserSession  $session)

Updates the session timestamp for the given user session if the session is marked as "needs update" (which means the current timestamp is greater than "last updated + a specified gracetime-value".

Parameters
UserSession$session
Returns
UserSession a modified user session with a last updated value if needed
Exceptions
Backend

Definition at line 256 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), TYPO3\CMS\Core\Session\UserSession\needsUpdate(), and TYPO3\CMS\Core\Session\UserSessionManager\recreateUserSession().

◆ willExpire()

bool TYPO3\CMS\Core\Session\UserSessionManager::willExpire ( UserSession  $session,
int  $gracePeriod 
)

Check if a session will expire within the given grace period.

Parameters
UserSession$session
int$gracePeriod
Returns
‪bool

Definition at line 155 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime, and TYPO3\CMS\Core\Session\UserSession\getLastUpdated().

Member Data Documentation

◆ $garbageCollectionForAnonymousSessions

int TYPO3\CMS\Core\Session\UserSessionManager::$garbageCollectionForAnonymousSessions = self::LIFETIME_OF_ANONYMOUS_SESSION_DATA
protected

Definition at line 56 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\setGarbageCollectionTimeoutForAnonymousSessions().

◆ $ipLocker

IpLocker TYPO3\CMS\Core\Session\UserSessionManager::$ipLocker
protected

Definition at line 58 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\__construct(), and TYPO3\CMS\Core\Session\UserSessionManager\create().

◆ $loginType

string TYPO3\CMS\Core\Session\UserSessionManager::$loginType
protected

Definition at line 59 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\__construct(), and TYPO3\CMS\Core\Session\UserSessionManager\create().

◆ $sessionBackend

SessionBackendInterface TYPO3\CMS\Core\Session\UserSessionManager::$sessionBackend
protected

Definition at line 57 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\__construct().

◆ $sessionLifetime

int TYPO3\CMS\Core\Session\UserSessionManager::$sessionLifetime
protected

Definition at line 54 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\__construct(), TYPO3\CMS\Core\Session\UserSessionManager\create(), TYPO3\CMS\Core\Session\UserSessionManager\hasExpired(), and TYPO3\CMS\Core\Session\UserSessionManager\willExpire().

◆ GARBAGE_COLLECTION_LIFETIME

const TYPO3\CMS\Core\Session\UserSessionManager::GARBAGE_COLLECTION_LIFETIME = 86400
protected

Definition at line 43 of file UserSessionManager.php.

◆ LIFETIME_OF_ANONYMOUS_SESSION_DATA

const TYPO3\CMS\Core\Session\UserSessionManager::LIFETIME_OF_ANONYMOUS_SESSION_DATA = 86400
protected

Definition at line 44 of file UserSessionManager.php.

◆ SESSION_ID_LENGTH

const TYPO3\CMS\Core\Session\UserSessionManager::SESSION_ID_LENGTH = 32
protected

Definition at line 42 of file UserSessionManager.php.