‪TYPO3CMS  ‪main
TYPO3\CMS\Core\Session\UserSessionManager Class Reference
Inheritance diagram for TYPO3\CMS\Core\Session\UserSessionManager:

Public Member Functions

 __construct (SessionBackendInterface $sessionBackend, int $sessionLifetime, IpLocker $ipLocker, string $loginType)
 
UserSession createFromRequestOrAnonymous (ServerRequestInterface $request, string $cookieName)
 
 createAnonymousSession ()
 
UserSession createSessionFromStorage (string $sessionId)
 
 hasExpired (UserSession $session)
 
 willExpire (UserSession $session, int $gracePeriod)
 
UserSession fixateAnonymousSession (UserSession $session, bool $isPermanent=false)
 
UserSession elevateToFixatedUserSession (UserSession $session, int $userId, bool $isPermanent=false)
 
 regenerateSession (string $sessionId, array $existingSessionRecord=[], bool $anonymous=false)
 
UserSession updateSessionTimestamp (UserSession $session)
 
 isSessionPersisted (UserSession $session)
 
 removeSession (UserSession $session)
 
 updateSession (UserSession $session)
 
 collectGarbage (int $garbageCollectionProbability=1)
 

Static Public Member Functions

static static create (string $loginType, int $sessionLifetime=null, SessionManager $sessionManager=null, IpLocker $ipLocker=null)
 

Protected Member Functions

 setGarbageCollectionTimeoutForAnonymousSessions (int $garbageCollectionForAnonymousSessions=0)
 
 createSessionId ()
 
UserSession null getSessionFromSessionId (string $id)
 
 recreateUserSession (UserSession $session, array $sessionRecord=null)
 

Protected Attributes

const SESSION_ID_LENGTH = 32
 
const GARBAGE_COLLECTION_LIFETIME = 86400
 
const LIFETIME_OF_ANONYMOUS_SESSION_DATA = 86400
 
int $sessionLifetime
 
int $garbageCollectionForAnonymousSessions = self::LIFETIME_OF_ANONYMOUS_SESSION_DATA
 
SessionBackendInterface $sessionBackend
 
IpLocker $ipLocker
 
string $loginType
 

Detailed Description

The purpose of the UserSessionManager is to create new user session objects (acting as a factory), depending on the need / request, and to fetch sessions from the session backend, effectively encapsulating all calls to the SessionManager.

The UserSessionManager can be retrieved using its static factory method create():

Definition at line 45 of file UserSessionManager.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Session\UserSessionManager::__construct ( SessionBackendInterface  $sessionBackend,
int  $sessionLifetime,
IpLocker  $ipLocker,
string  $loginType 
)

Constructor. Marked as internal, as it is recommended to use the factory method "create"

it is recommended to use the factory method "create"

Definition at line 72 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSessionManager\$ipLocker, TYPO3\CMS\Core\Session\UserSessionManager\$loginType, TYPO3\CMS\Core\Session\UserSessionManager\$sessionBackend, and TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime.

Member Function Documentation

◆ collectGarbage()

TYPO3\CMS\Core\Session\UserSessionManager::collectGarbage ( int  $garbageCollectionProbability = 1)

Calls the session backends collectGarbage() method

Definition at line 281 of file UserSessionManager.php.

◆ create()

static static TYPO3\CMS\Core\Session\UserSessionManager::create ( string  $loginType,
int  $sessionLifetime = null,
SessionManager  $sessionManager = null,
IpLocker  $ipLocker = null 
)
static

Creates a UserSessionManager instance for the given login type. Has several optional arguments used for testing purposes to inject dummy objects if needed.

Ideally, this factory encapsulates all TYPO3_CONF_VARS options, so the actual object does not need to consider any global state.

Parameters
string$loginType
int | null$sessionLifetime
SessionManager | null$sessionManager
IpLocker | null$ipLocker
Returns
‪static

Definition at line 345 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSessionManager\$ipLocker, TYPO3\CMS\Core\Session\UserSessionManager\$loginType, and TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime.

Referenced by TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\initializeUserSessionManager(), TYPO3\CMS\Backend\Controller\AjaxLoginController\isTimedOutAction(), TYPO3\CMS\Frontend\Middleware\FrontendUserAuthenticator\sessionGarbageCollection(), and TYPO3\CMS\Backend\Middleware\BackendUserAuthenticator\sessionGarbageCollection().

◆ createAnonymousSession()

TYPO3\CMS\Core\Session\UserSessionManager::createAnonymousSession ( )

◆ createFromRequestOrAnonymous()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::createFromRequestOrAnonymous ( ServerRequestInterface  $request,
string  $cookieName 
)

Creates and returns a session from the given request. If the given $cookieName can not be obtained from the request an anonymous session will be returned.

Parameters
string$cookieName‪Name of the cookie that might contain the session
Returns
UserSession An existing session if one is stored in the cookie, an anonymous session otherwise

Definition at line 95 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSessionManager\createAnonymousSession(), TYPO3\CMS\Core\Http\NormalizedParams\createFromRequest(), TYPO3\CMS\Core\Session\UserSessionManager\getSessionFromSessionId(), and TYPO3\CMS\Core\Session\UserSession\resolveIdentifierFromJwt().

◆ createSessionFromStorage()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::createSessionFromStorage ( string  $sessionId)

Creates and returns a new session object for a given session id

Parameters
string$sessionId‪The session id to be looked up in the session backend
Returns
UserSession The created user session object

this is only used as a bridge for existing methods, might be removed or renamed without further notice

Definition at line 123 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), and TYPO3\CMS\Core\Session\UserSession\get().

◆ createSessionId()

TYPO3\CMS\Core\Session\UserSessionManager::createSessionId ( )
protected

Creates a new session ID using a random with SESSION_ID_LENGTH as length

Definition at line 295 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\createAnonymousSession(), and TYPO3\CMS\Core\Session\UserSessionManager\regenerateSession().

◆ elevateToFixatedUserSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::elevateToFixatedUserSession ( UserSession  $session,
int  $userId,
bool  $isPermanent = false 
)

Removes existing entries, creates and returns a new user session object. See regenerateSession() below.

Parameters
UserSession$session‪The user session to recreate
int$userId‪The user id the session belongs to
bool$isPermanent‪If true, the session will get the ses_permanent flag
Returns
UserSession The newly created user session object
Exceptions
Backend

Definition at line 184 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSession\createFromRecord(), and TYPO3\CMS\Core\Session\UserSession\getIdentifier().

◆ fixateAnonymousSession()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::fixateAnonymousSession ( UserSession  $session,
bool  $isPermanent = false 
)

Persists an anonymous session without a user logged-in, in order to store session data between requests

Parameters
UserSession$session‪The user session to fixate
bool$isPermanent‪If true, the session will get the ses_permanent flag
Returns
UserSession a new session object with an updated ses_tstamp (allowing to keep the session alive)
Exceptions
Backend

Definition at line 158 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), TYPO3\CMS\Core\Session\UserSessionManager\recreateUserSession(), and TYPO3\CMS\Core\Session\UserSession\toArray().

◆ getSessionFromSessionId()

UserSession null TYPO3\CMS\Core\Session\UserSessionManager::getSessionFromSessionId ( string  $id)
protected

Tries to fetch a user session form the session backend. If none is given, an anonymous session will be created.

Returns
‪UserSession|null The created user session object or null

Definition at line 306 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), and TYPO3\CMS\Core\Session\UserSession\get().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\createFromRequestOrAnonymous(), and TYPO3\CMS\Core\Session\UserSessionManager\isSessionPersisted().

◆ hasExpired()

TYPO3\CMS\Core\Session\UserSessionManager::hasExpired ( UserSession  $session)

Checks whether a session has expired. This is also the case if sessionLifetime is 0

Definition at line 133 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime, and TYPO3\CMS\Core\Session\UserSession\getLastUpdated().

◆ isSessionPersisted()

TYPO3\CMS\Core\Session\UserSessionManager::isSessionPersisted ( UserSession  $session)

Checks whether a given session is already persisted

Definition at line 256 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), and TYPO3\CMS\Core\Session\UserSessionManager\getSessionFromSessionId().

◆ recreateUserSession()

TYPO3\CMS\Core\Session\UserSessionManager::recreateUserSession ( UserSession  $session,
array  $sessionRecord = null 
)
protected

Recreates a UserSession object from the existing session data - keeping new state. This method shall be used to reflect updated low-level session data in corresponding UserSession object.

Parameters
array | null$sessionRecord
Exceptions
SessionNotFoundException

Definition at line 379 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), TYPO3\CMS\Core\Session\UserSession\getIdentifier(), and TYPO3\CMS\Core\Session\UserSession\isNew().

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\fixateAnonymousSession(), TYPO3\CMS\Core\Session\UserSessionManager\updateSession(), and TYPO3\CMS\Core\Session\UserSessionManager\updateSessionTimestamp().

◆ regenerateSession()

TYPO3\CMS\Core\Session\UserSessionManager::regenerateSession ( string  $sessionId,
array  $existingSessionRecord = [],
bool  $anonymous = false 
)

Regenerates the given session. This method should be used whenever a user proceeds to a higher authorization level, for example when an anonymous session is now authenticated.

Parameters
string$sessionId‪The session id
array$existingSessionRecord‪If given, this session record will be used instead of fetching again
bool$anonymous‪If true session will be regenerated as anonymous session
Exceptions
Backend

Definition at line 217 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\createFromRecord(), TYPO3\CMS\Core\Session\UserSessionManager\createSessionId(), and TYPO3\CMS\Core\Session\UserSession\get().

◆ removeSession()

TYPO3\CMS\Core\Session\UserSessionManager::removeSession ( UserSession  $session)

Removes a given session from the session backend

Definition at line 264 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier().

◆ setGarbageCollectionTimeoutForAnonymousSessions()

TYPO3\CMS\Core\Session\UserSessionManager::setGarbageCollectionTimeoutForAnonymousSessions ( int  $garbageCollectionForAnonymousSessions = 0)
protected

◆ updateSession()

TYPO3\CMS\Core\Session\UserSessionManager::updateSession ( UserSession  $session)

◆ updateSessionTimestamp()

UserSession TYPO3\CMS\Core\Session\UserSessionManager::updateSessionTimestamp ( UserSession  $session)

Updates the session timestamp for the given user session if the session is marked as "needs update" (which means the current timestamp is greater than "last updated + a specified grace-time").

Returns
UserSession a modified user session with a last updated value if needed
Exceptions
Backend

Definition at line 243 of file UserSessionManager.php.

References TYPO3\CMS\Core\Session\UserSession\getIdentifier(), TYPO3\CMS\Core\Session\UserSession\needsUpdate(), and TYPO3\CMS\Core\Session\UserSessionManager\recreateUserSession().

◆ willExpire()

TYPO3\CMS\Core\Session\UserSessionManager::willExpire ( UserSession  $session,
int  $gracePeriod 
)

Checks whether a given user session will expire within the given grace period

Parameters
int$gracePeriod‪in seconds

Definition at line 143 of file UserSessionManager.php.

References $GLOBALS, TYPO3\CMS\Core\Session\UserSessionManager\$sessionLifetime, and TYPO3\CMS\Core\Session\UserSession\getLastUpdated().

Member Data Documentation

◆ $garbageCollectionForAnonymousSessions

int TYPO3\CMS\Core\Session\UserSessionManager::$garbageCollectionForAnonymousSessions = self::LIFETIME_OF_ANONYMOUS_SESSION_DATA
protected

◆ $ipLocker

IpLocker TYPO3\CMS\Core\Session\UserSessionManager::$ipLocker
protected

◆ $loginType

string TYPO3\CMS\Core\Session\UserSessionManager::$loginType
protected

◆ $sessionBackend

SessionBackendInterface TYPO3\CMS\Core\Session\UserSessionManager::$sessionBackend
protected

◆ $sessionLifetime

int TYPO3\CMS\Core\Session\UserSessionManager::$sessionLifetime
protected

Session timeout (on the storage-side, used to know until a session (timestamp) is valid

If >0: session-timeout in seconds. If =0: Instant logout after login.

Definition at line 60 of file UserSessionManager.php.

Referenced by TYPO3\CMS\Core\Session\UserSessionManager\__construct(), TYPO3\CMS\Core\Session\UserSessionManager\create(), TYPO3\CMS\Core\Session\UserSessionManager\hasExpired(), and TYPO3\CMS\Core\Session\UserSessionManager\willExpire().

◆ GARBAGE_COLLECTION_LIFETIME

const TYPO3\CMS\Core\Session\UserSessionManager::GARBAGE_COLLECTION_LIFETIME = 86400
protected

Definition at line 51 of file UserSessionManager.php.

◆ LIFETIME_OF_ANONYMOUS_SESSION_DATA

const TYPO3\CMS\Core\Session\UserSessionManager::LIFETIME_OF_ANONYMOUS_SESSION_DATA = 86400
protected

Definition at line 52 of file UserSessionManager.php.

◆ SESSION_ID_LENGTH

const TYPO3\CMS\Core\Session\UserSessionManager::SESSION_ID_LENGTH = 32
protected

Definition at line 50 of file UserSessionManager.php.

‪TYPO3\CMS\Core\Session\UserSessionManager\create
‪static static create(string $loginType, int $sessionLifetime=null, SessionManager $sessionManager=null, IpLocker $ipLocker=null)
Definition: UserSessionManager.php:345
‪TYPO3\CMS\Core\Session\UserSessionManager\$loginType
‪string $loginType
Definition: UserSessionManager.php:65
‪TYPO3\CMS\Core\Session\UserSessionManager
Definition: UserSessionManager.php:46