Example #1
 /**
  * End the current login, either by wiping the whole session or by dropping
  * only the identity attributes.
  *
  * With $destroy strictly equal to true the session is invalidated. For any
  * other value the USER_ID, USER_NAME and USER_GROUPS attributes are removed
  * and migrate() is called with no arguments.
  *
  * NOTE(review): migrate() is called without a destroy flag here. If the
  * session implementation keeps the previous session record in that case,
  * the pre-logout session ID stays usable until garbage collection, and any
  * attribute other than the three removed here survives logout - confirm
  * that this is intended.
  *
  * @param boolean $destroy pass exactly true to invalidate the session
  *
  * @return boolean negation of isLogin() after the session was updated
  */
 public function logout($destroy = false)
 {
     if ($destroy !== true) {
         // Partial logout: strip the identity attributes, keep the rest.
         foreach ([self::USER_ID, self::USER_NAME, self::USER_GROUPS] as $identityKey) {
             $this->session->remove($identityKey);
         }
         $this->session->migrate();
     } else {
         $this->session->invalidate();
     }

     return !$this->isLogin();
 }
Example #2
 /**
  * Migrate the session through the parent implementation, then re-issue the
  * "chestnut_session" cookie with the ID reported by getId().
  *
  * $lifetime is only handed to the cookie() helper; the parent is always
  * called with a null lifetime. The parent's return value is discarded, so
  * this method returns nothing.
  *
  * NOTE(review): cookie_remove() and cookie() are defined outside this
  * block. Check that the cookie they write carries the HttpOnly and Secure
  * attributes (and a SameSite policy), since it holds the session ID.
  *
  * @param boolean $destroy  forwarded unchanged to parent::migrate()
  * @param int     $lifetime lifetime passed to cookie(), 86400 by default
  */
 public function migrate($destroy = false, $lifetime = 86400)
 {
     $cookieName = 'chestnut_session';

     parent::migrate($destroy, null);

     // Read the ID only after the parent has migrated the session.
     $freshId = $this->getId();

     cookie_remove($cookieName);
     cookie($cookieName, $freshId, $lifetime);
 }
Example #3
 /**
  * Give the wrapped session container a new session ID.
  *
  * A WP_Session container is asked via regenerate_id(); any other container
  * is expected to expose migrate().
  *
  * NOTE(review): both calls rely on the callee's default arguments, so
  * whether the old session record is deleted is decided there - confirm
  * before relying on this after a login.
  *
  * @return void
  */
 public function regenerateId()
 {
     if (!($this->container instanceof WP_Session)) {
         $this->container->migrate();

         return;
     }

     $this->container->regenerate_id();
 }
Example #4
 /**
  * Mark the given user as logged in, in the session and on this object.
  *
  * When $regenerate is truthy the session is migrated before the login
  * attributes are written. The default is false, so a caller has to opt in
  * to get a new session ID at login.
  *
  * NOTE(review): migrate() is called with its default arguments; whether the
  * pre-login session record is deleted depends on that default - confirm.
  *
  * @param int     $user_id
  * @param boolean $regenerate regenerate session id against session fixation?
  */
 protected function setUserLoggedIn($user_id, $regenerate = false)
 {
     if ($regenerate) {
         $this->session->migrate();
     }

     $loginAttributes = [
         'user_id' => $user_id,
         'user_logged_in' => 1,
     ];
     foreach ($loginAttributes as $attribute => $value) {
         $this->session->set($attribute, $value);
     }

     // Mirror the login state on the object itself.
     $this->user_id = $user_id;
     $this->user_is_logged_in = true;
 }
 /**
  * Render the homepage after giving the visitor's session a new ID.
  *
  * NOTE(review): migrate() runs on every request to this route and is called
  * without a destroy flag; if the session implementation keeps the previous
  * record in that case, each visit leaves an older session ID behind until
  * garbage collection - confirm. The fallback Session created below is never
  * attached to $request in this method.
  *
  * @Route("/", name="homepage")
  */
 public function indexAction(Request $request)
 {
     $staleKey = 'originalSessionID';

     $currentSession = $request->getSession();
     if (null == $currentSession) {
         $currentSession = new Session();
     }

     if (!$currentSession->isStarted()) {
         $currentSession->start();
     }

     // Hand out a new session ID; for an existing session this replaces the old one.
     $currentSession->migrate();

     if ($currentSession->has($staleKey)) {
         $currentSession->remove($staleKey);
     }

     return $this->render('default/index.html.twig');
 }
Example #6
 /**
  * Apply the configured session strategy to the current session.
  *
  * A session that has not been started yet is started and the method returns
  * right away, so the strategy is not applied in that case. For a session
  * that is already running, STRATEGY_MIGRATE calls migrate() and
  * STRATEGY_INVALIDATES calls invalidate().
  *
  * NOTE(review): migrate() is called with its default arguments; whether the
  * previous session record is deleted depends on that default - confirm.
  *
  * @return mixed the result of start() when the session had to be started,
  *               nothing otherwise
  *
  * @throws \RuntimeException when the strategy is neither of the two constants
  */
 protected function applySessionStrategy()
 {
     if (!$this->session->isStarted()) {
         return $this->session->start();
     }

     // Loose comparison on purpose: it matches what a switch statement does.
     $chosen = $this->strategy;
     if ($chosen == self::STRATEGY_MIGRATE) {
         $this->session->migrate();
     } elseif ($chosen == self::STRATEGY_INVALIDATES) {
         $this->session->invalidate();
     } else {
         throw new \RuntimeException('Session strategy should be "migrate" or "invalidate"');
     }
 }
 /**
  * Drive the SAML login flow for one request event.
  *
  * Does nothing when the token storage already holds a token. When no SAML
  * authentication has been initiated yet, sendAuthnRequest() is called and the
  * method returns. Otherwise the SAML response on the request is processed,
  * its InResponseTo is checked against the request ID kept by the state
  * handler, and the resulting assertion is passed to the authentication
  * manager. On success the token is stored, the session is migrated and a
  * redirect to the state handler's current request URI is set as response.
  *
  * NOTE(review): which checks processSamlResponse() performs on the response
  * (signature, conditions, audience) is not visible here - confirm in the
  * interaction provider.
  *
  * @param GetResponseEvent $event
  *
  * @throws AuthenticationException when the response cannot be processed or
  *                                 its InResponseTo does not match
  */
 private function handleEvent(GetResponseEvent $event)
 {
     // Already authenticated: nothing to do for this request.
     if ($this->tokenStorage->getToken()) {
         return;
     }
     // No login in progress yet: start one and stop handling this event.
     if (!$this->samlInteractionProvider->isSamlAuthenticationInitiated()) {
         $this->sendAuthnRequest($event);
         return;
     }
     // Request ID the incoming response has to refer to, as kept by the state handler.
     $expectedInResponseTo = $this->stateHandler->getRequestId();
     $logger = $this->logger;
     try {
         $assertion = $this->samlInteractionProvider->processSamlResponse($event->getRequest());
     } catch (PreconditionNotMetException $e) {
         // Unmet precondition: logged at notice level and answered with a dedicated response.
         $logger->notice(sprintf('SAML response precondition not met: "%s"', $e->getMessage()));
         $this->setPreconditionExceptionResponse($e, $event);
         return;
     } catch (Exception $e) {
         // Any other failure is logged and rethrown with the original exception chained.
         // NOTE(review): the exception message goes to the log verbatim; confirm it
         // cannot carry assertion contents.
         $logger->error(sprintf('Failed SAMLResponse Parsing: "%s"', $e->getMessage()));
         throw new AuthenticationException('Failed SAMLResponse parsing', 0, $e);
     }
     // Reject a response that does not answer the request recorded for this session.
     if (!InResponseTo::assertEquals($assertion, $expectedInResponseTo)) {
         $logger->error('Unknown or unexpected InResponseTo in SAMLResponse');
         throw new AuthenticationException('Unknown or unexpected InResponseTo in SAMLResponse');
     }
     $logger->notice('Successfully processed SAMLResponse, attempting to authenticate');
     $token = new SamlToken();
     $token->assertion = $assertion;
     try {
         $authToken = $this->authenticationManager->authenticate($token);
     } catch (AuthenticationException $failed) {
         // Authentication failure is not rethrown; a failure response is set instead.
         $logger->error(sprintf('Authentication Failed, reason: "%s"', $failed->getMessage()));
         $this->setAuthenticationFailedResponse($event);
         return;
     }
     $this->tokenStorage->setToken($authToken);
     // Issue a new session ID now that the request is authenticated, so that an ID
     // known before login (session fixation) does not carry the authenticated state.
     // NOTE(review): migrate() is called without a destroy flag; confirm whether the
     // pre-login session record is removed or left to garbage collection.
     $this->session->migrate();
     // NOTE(review): the redirect target comes from the state handler; verify where
     // it is recorded and that it is restricted to this application's own URIs.
     $event->setResponse(new RedirectResponse($this->stateHandler->getCurrentRequestUri()));
     $logger->notice('Authentication succeeded, redirecting to original location');
 }
Example #8
 /**
  * Give the current session a new ID by calling migrate() on it.
  *
  * NOTE(review): migrate() is called with its default arguments; whether the
  * previous session record is deleted depends on that default - confirm.
  *
  * @return void
  */
 public function regenerateId()
 {
     $this->session->migrate();
 }
Example #9
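 /**
  * {@inheritDoc}
  *
  * Besides migrating the session this method persists the session container
  * services beforehand and regenerates the session token afterwards, unless
  * the old session is being destroyed.
  *
  * $destroy and $lifetime are forwarded to the parent, so that a caller who
  * asks for the old session to be destroyed actually gets that, and the
  * parent's result is handed back to the caller.
  *
  * NOTE(review): when $destroy is false the previous session ID is stored in
  * the new session under "lastSessionId". If the old session record is still
  * live at that point, this value is a usable session identifier; treat it as
  * a secret and keep it out of logs and output.
  *
  * @param boolean  $destroy  whether the parent should delete the old session
  * @param int|null $lifetime lifetime forwarded to parent::migrate()
  *
  * @return mixed whatever parent::migrate() returns
  *
  * @see persistServices()
  * @see parent::migrate()
  */
 public function migrate($destroy = false, $lifetime = null)
 {
     // Capture the ID before the parent replaces it.
     $lastSessionId = session_id();
     if (!$destroy) {
         $this->persistServices();
     }

     // Forward both arguments; calling the parent bare would silently drop them.
     $migrated = parent::migrate($destroy, $lifetime);

     if (!$destroy && !empty($lastSessionId)) {
         // regenerate token too
         $this->getToken(true);
         // keep old session id for reference
         $this->set('lastSessionId', $lastSessionId);
     }

     return $migrated;
 }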
 /**
  * Migrate the session through the parent implementation, asking it to
  * destroy the old session.
  *
  * @return mixed whatever parent::migrate() returns
  */
 public function regenerate()
 {
     return parent::migrate(true);
 }