Core Update 1.4.0
This commit is contained in:
@@ -11,7 +11,7 @@ use External\JWT;
|
||||
class Session extends ApiObject {
|
||||
|
||||
# in minutes
|
||||
const DURATION = 60*24;
|
||||
const DURATION = 60*60*24*14;
|
||||
|
||||
private ?int $sessionId;
|
||||
private User $user;
|
||||
@@ -25,13 +25,14 @@ class Session extends ApiObject {
|
||||
public function __construct(User $user, ?int $sessionId, ?string $csrfToken) {
|
||||
$this->user = $user;
|
||||
$this->sessionId = $sessionId;
|
||||
$this->stayLoggedIn = true;
|
||||
$this->stayLoggedIn = false;
|
||||
$this->csrfToken = $csrfToken ?? generateRandomString(16);
|
||||
}
|
||||
|
||||
public static function create($user, $stayLoggedIn): ?Session {
|
||||
public static function create(User $user, bool $stayLoggedIn = false): ?Session {
|
||||
$session = new Session($user, null, null);
|
||||
if($session->insert($stayLoggedIn)) {
|
||||
if ($session->insert($stayLoggedIn)) {
|
||||
$session->stayLoggedIn = $stayLoggedIn;
|
||||
return $session;
|
||||
}
|
||||
|
||||
@@ -39,8 +40,8 @@ class Session extends ApiObject {
|
||||
}
|
||||
|
||||
private function updateMetaData() {
|
||||
$this->expires = time() + Session::DURATION * 60;
|
||||
$this->ipAddress = $_SERVER['REMOTE_ADDR'];
|
||||
$this->expires = time() + Session::DURATION;
|
||||
$this->ipAddress = is_cli() ? "127.0.0.1" : $_SERVER['REMOTE_ADDR'];
|
||||
try {
|
||||
$userAgent = @get_browser($_SERVER['HTTP_USER_AGENT'], true);
|
||||
$this->os = $userAgent['platform'] ?? "Unknown";
|
||||
@@ -51,31 +52,36 @@ class Session extends ApiObject {
|
||||
}
|
||||
}
|
||||
|
||||
public function setData($data) {
|
||||
public function setData(array $data) {
|
||||
foreach($data as $key => $value) {
|
||||
$_SESSION[$key] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
public function stayLoggedIn($val) {
|
||||
public function stayLoggedIn(bool $val) {
|
||||
$this->stayLoggedIn = $val;
|
||||
}
|
||||
|
||||
public function sendCookie() {
|
||||
public function getCookie(): string {
|
||||
$this->updateMetaData();
|
||||
$settings = $this->user->getConfiguration()->getSettings();
|
||||
$token = array('userId' => $this->user->getId(), 'sessionId' => $this->sessionId);
|
||||
$sessionCookie = JWT::encode($token, $settings->getJwtSecret());
|
||||
$token = ['userId' => $this->user->getId(), 'sessionId' => $this->sessionId];
|
||||
return JWT::encode($token, $settings->getJwtSecret());
|
||||
}
|
||||
|
||||
public function sendCookie(?string $domain = null) {
|
||||
$domain = empty($domain) ? "" : $domain;
|
||||
$sessionCookie = $this->getCookie();
|
||||
$secure = strcmp(getProtocol(), "https") === 0;
|
||||
setcookie('session', $sessionCookie, $this->getExpiresTime(), "/", "", $secure, true);
|
||||
setcookie('session', $sessionCookie, $this->getExpiresTime(), "/", $domain, $secure, true);
|
||||
}
|
||||
|
||||
public function getExpiresTime(): int {
|
||||
return ($this->stayLoggedIn == 0 ? 0 : $this->expires);
|
||||
return ($this->stayLoggedIn ? $this->expires : 0);
|
||||
}
|
||||
|
||||
public function getExpiresSeconds(): int {
|
||||
return ($this->stayLoggedIn == 0 ? -1 : $this->expires - time());
|
||||
return ($this->stayLoggedIn ? $this->expires - time() : -1);
|
||||
}
|
||||
|
||||
public function jsonSerialize(): array {
|
||||
@@ -90,7 +96,7 @@ class Session extends ApiObject {
|
||||
);
|
||||
}
|
||||
|
||||
public function insert($stayLoggedIn): bool {
|
||||
public function insert(bool $stayLoggedIn = false): bool {
|
||||
$this->updateMetaData();
|
||||
$sql = $this->user->getSQL();
|
||||
|
||||
@@ -105,13 +111,13 @@ class Session extends ApiObject {
|
||||
$this->ipAddress,
|
||||
$this->os,
|
||||
$this->browser,
|
||||
json_encode($_SESSION),
|
||||
json_encode($_SESSION ?? []),
|
||||
$stayLoggedIn,
|
||||
$this->csrfToken)
|
||||
->returning("uid")
|
||||
->execute();
|
||||
|
||||
if($success) {
|
||||
if ($success) {
|
||||
$this->sessionId = $this->user->getSQL()->getLastInsertId();
|
||||
return true;
|
||||
}
|
||||
@@ -120,6 +126,7 @@ class Session extends ApiObject {
|
||||
}
|
||||
|
||||
public function destroy(): bool {
|
||||
session_destroy();
|
||||
return $this->user->getSQL()->update("Session")
|
||||
->set("active", false)
|
||||
->where(new Compare("Session.uid", $this->sessionId))
|
||||
@@ -138,7 +145,7 @@ class Session extends ApiObject {
|
||||
->where(new Compare("uid", $this->user->getId()))
|
||||
->execute() &&
|
||||
$sql->update("Session")
|
||||
->set("Session.expires", (new DateTime())->modify("+$minutes minute"))
|
||||
->set("Session.expires", (new DateTime())->modify("+$minutes second"))
|
||||
->set("Session.ipAddress", $this->ipAddress)
|
||||
->set("Session.os", $this->os)
|
||||
->set("Session.browser", $this->browser)
|
||||
|
||||
Reference in New Issue
Block a user