17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
40 public function loginAction(ServerRequestInterface $request): ResponseInterface
43 $result = [
'success' =>
true];
47 $formProtection->setSessionTokenFromRegistry();
48 $formProtection->persistSessionToken();
51 $result = [
'success' =>
false];
62 public function logoutAction(ServerRequestInterface $request): ResponseInterface
65 $backendUser->logoff();
68 'success' => !isset($backendUser->user[
'uid'])
75 $headers = $request->getHeaders();
78 'cookie' => !empty($request->getCookieParams()),
80 'referrer' => array_filter($headers[
'referer'] ?? []) !== [],
91 public function refreshAction(ServerRequestInterface $request): ResponseInterface
110 'timed_out' =>
false,
111 'will_time_out' =>
false,
116 $session[
'locked'] =
true;
117 } elseif (!isset($backendUser->user[
'uid'])) {
118 $session[
'timed_out'] =
true;
120 $backendUser->fetchUserSession(
true);
121 $ses_tstamp = $backendUser->user[
'ses_tstamp'];
122 $timeout = $backendUser->sessionTimeout;
125 $session[
'will_time_out'] =
$GLOBALS[
'EXEC_TIME'] >= $ses_tstamp + $timeout - 120;
149 return $loginFormData[
'status'] ===
'login' && !empty($loginFormData[
'uname']) && !empty($loginFormData[
'uident']);