main/_redis_session_backend_8php_source.html

<?php


declare(strict_types=1);


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


namespace ‪TYPO3\CMS\Core\Session\Backend;


use Psr\Log\LoggerAwareInterface;

use Psr\Log\LoggerAwareTrait;

use ‪TYPO3\CMS\Core\Session\Backend\Exception\SessionNotCreatedException;

use ‪TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;

use ‪TYPO3\CMS\Core\Session\Backend\Exception\SessionNotUpdatedException;


class ‪RedisSessionBackend implements ‪SessionBackendInterface, ‪HashableSessionBackendInterface, LoggerAwareInterface

{

    use LoggerAwareTrait;


    protected ‪$configuration = [];


    protected ‪$connected = false;


    protected ‪$applicationIdentifier = '';


    protected ‪$redis;


    protected ‪$identifier;


    public function ‪initialize(string ‪$identifier, array ‪$configuration)

    {

        $this->redis = new \Redis();


        $this->configuration = ‪$configuration;

        $this->identifier = ‪$identifier;

        $this->applicationIdentifier = 'typo3_ses_'

            . ‪$identifier . '_'

            . sha1(‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']) . '_';

    }


    public function ‪validateConfiguration()

    {

        if (!extension_loaded('redis')) {

            throw new \RuntimeException(

                'The PHP extension "redis" must be installed and loaded in order to use the redis session backend.',

                1481269826

            );

        }


        if (isset($this->configuration['database'])) {

            if (!is_int($this->configuration['database'])) {

                throw new \InvalidArgumentException(

                    'The specified database number is of type "' . gettype($this->configuration['database']) .

                    '" but an integer is expected.',

                    1481270871

                );

            }


            if ($this->configuration['database'] < 0) {

                throw new \InvalidArgumentException(

                    'The specified database "' . $this->configuration['database'] . '" must be greater or equal than zero.',

                    1481270923

                );

            }

        }

    }


    public function ‪hash(string $sessionId): string

    {

        // The sha1 hash ensures we have good length for the key.

        $key = sha1(‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . 'core-session-backend');

        return hash_hmac('sha256', $sessionId, $key);

    }


    public function get(string $sessionId): array

    {

        $this->‪initializeConnection();


        $hashedSessionId = $this->‪hash($sessionId);

        $rawData = $this->redis->get($this->‪getSessionKeyName($hashedSessionId));

        if ($rawData !== false) {

            $decodedValue = json_decode($rawData, true);

            if (is_array($decodedValue)) {

                return $decodedValue;

            }

        }

        throw new SessionNotFoundException('Session could not be fetched from redis', 1481885583);

    }


    public function remove(string $sessionId): bool

    {

        $this->‪initializeConnection();


        $deleteResult = $this->redis->del($this->‪getSessionKeyName($this->‪hash($sessionId)));


        // Redis delete result is either `int`, `false` or a `\Redis` multi mode object, where delete state cannot get

        // determined. Multi mode is not even supported by this session backend at all, therefore we handle this case as

        // "not successful".

        return is_int($deleteResult) && $deleteResult >= 1;

    }


    public function set(string $sessionId, array $sessionData): array

    {

        $this->‪initializeConnection();


        $hashedSessionId = $this->‪hash($sessionId);

        $sessionData['ses_id'] = $hashedSessionId;

        $sessionData['ses_tstamp'] = ‪$GLOBALS['EXEC_TIME'] ?? time();


        // nx will not allow overwriting existing keys

        $jsonString = json_encode($sessionData);

        $wasSet = is_string($jsonString) && $this->redis->set(

            $this->‪getSessionKeyName($hashedSessionId),

            $jsonString,

            ['nx']

        );


        if (!$wasSet) {

            throw new SessionNotCreatedException('Session could not be written to Redis', 1481895647);

        }


        return $sessionData;

    }


    public function ‪update(string $sessionId, array $sessionData): array

    {

        $hashedSessionId = $this->‪hash($sessionId);

        try {

            $sessionData = array_merge($this->get($sessionId), $sessionData);

        } catch (SessionNotFoundException $e) {

            throw new SessionNotUpdatedException('Cannot update non-existing record', 1484389971, $e);

        }

        $sessionData['ses_id'] = $hashedSessionId;

        $sessionData['ses_tstamp'] = ‪$GLOBALS['EXEC_TIME'] ?? time();


        $key = $this->‪getSessionKeyName($hashedSessionId);

        $jsonString = json_encode($sessionData);

        $wasSet = is_string($jsonString) && $this->redis->set($key, $jsonString);


        if (!$wasSet) {

            throw new SessionNotUpdatedException('Session could not be updated in Redis', 1481896383);

        }


        return $sessionData;

    }


    public function ‪collectGarbage(int $maximumLifetime, int $maximumAnonymousLifetime = 0)

    {

        foreach ($this->‪getAll() as $sessionRecord) {

            if (!($sessionRecord['ses_userid'] ?? false)) {

                if ($maximumAnonymousLifetime > 0 && ($sessionRecord['ses_tstamp'] + $maximumAnonymousLifetime) < ‪$GLOBALS['EXEC_TIME']) {

                    $this->redis->del($this->‪getSessionKeyName($sessionRecord['ses_id']));

                }

            } else {

                if (($sessionRecord['ses_tstamp'] + $maximumLifetime) < ‪$GLOBALS['EXEC_TIME']) {

                    $this->redis->del($this->‪getSessionKeyName($sessionRecord['ses_id']));

                }

            }

        }

    }


    protected function ‪initializeConnection()

    {

        if ($this->connected) {

            return;

        }


        try {

            $this->connected = $this->redis->pconnect(

                $this->configuration['hostname'] ?? '127.0.0.1',

                $this->configuration['port'] ?? 6379,

                0.0,

                $this->identifier

            );

        } catch (\RedisException $e) {

            $this->logger->alert('Could not connect to redis server.', ['exception' => $e]);

        }


        if (!$this->connected) {

            throw new \RuntimeException(

                'Could not connect to redis server at ' . $this->configuration['hostname'] . ':' . $this->configuration['port'],

                1482242961

            );

        }


        if (isset($this->configuration['password'])

            && $this->configuration['password'] !== ''

            && !$this->redis->auth($this->configuration['password'])

        ) {

            throw new \RuntimeException(

                'The given password was not accepted by the redis server.',

                1481270961

            );

        }


        if (isset($this->configuration['database'])

            && $this->configuration['database'] > 0

            && !$this->redis->select($this->configuration['database'])

        ) {

            throw new \RuntimeException(

                'The given database "' . $this->configuration['database'] . '" could not be selected.',

                1481270987

            );

        }

    }


    public function ‪getAll(): array

    {

        $this->‪initializeConnection();


        $keys = [];

        // Initialize our iterator to null, needed by redis->scan

        $iterator = null;

        $this->redis->setOption(\Redis::OPT_SCAN, (string)\Redis::SCAN_RETRY);

        $pattern = $this->‪getSessionKeyName('*');

        // retry when we get no keys back, redis->scan returns a chunk (array) of keys per iteration

        while (($keyChunk = $this->redis->scan($iterator, $pattern)) !== false) {

            foreach ($keyChunk as $key) {

                $keys[] = $key;

            }

        }


        $encodedSessions = $this->redis->mGet($keys);

        if (!is_array($encodedSessions)) {

            return [];

        }


        $sessions = [];

        foreach ($encodedSessions as $session) {

            if (is_string($session)) {

                $decodedSession = json_decode($session, true);

                if ($decodedSession) {

                    $sessions[] = $decodedSession;

                }

            }

        }


        return $sessions;

    }


    protected function ‪getSessionKeyName(string $sessionId): string

    {

        return $this->applicationIdentifier . $sessionId;

    }


    protected function ‪getSessionTimeout(): int

    {

        return (int)(‪$GLOBALS['TYPO3_CONF_VARS'][‪$this->identifier]['sessionTimeout'] ?? 86400);

    }

}