/** * Used to renew a session id * * In your controller: $this->Session->renew(); * * @return void */ public function renew() { return Session::renew(); }
/** * Log a user out. * * Returns the logout action to redirect to. Triggers the `Auth.logout` event * which the authenticate classes can listen for and perform custom logout logic. * AuthComponent will remove the session data, so there is no need to do that * in an authentication object. Logging out will also renew the session id. * This helps mitigate issues with session replays. * * @return string Normalized config `logoutRedirect` * @link http://book.cakephp.org/3.0/en/controllers/components/authentication.html#logging-users-out */ public function logout() { $this->_setDefaults(); if (empty($this->_authenticateObjects)) { $this->constructAuthenticate(); } $user = (array) $this->user(); $this->dispatchEvent('Auth.logout', [$user]); $this->session->delete($this->sessionKey); $this->session->delete('Auth.redirect'); $this->session->renew(); return Router::normalize($this->_config['logoutRedirect']); }
/** * Used to renew a session id * * In your controller: $this->Session->renew(); * * @return void */ public function renew() { $this->_session->renew(); }
/** * Delete user record from session. * * The session id is also renewed to help mitigate issues with session replays. * * @return void */ public function delete() { $this->_user = false; $this->_session->delete($this->_config['key']); $this->_session->renew(); }