/** * Clear session information * * @param none * @return void */ public static function clearSession() { $authCookieName = Config::getInstance()->General['login_cookie_name']; $cookie = new Cookie($authCookieName); $cookie->delete(); Session::expireSessionCookie(); }
/** * Authenticates the user and initializes the session. */ public function initSession($login, $md5Password, $rememberMe) { $tokenAuth = API::getInstance()->getTokenAuth($login, $md5Password); $this->setLogin($login); $this->setTokenAuth($tokenAuth); $authResult = $this->authenticate(); $authCookieName = Config::getInstance()->General['login_cookie_name']; $authCookieExpiry = $rememberMe ? time() + Config::getInstance()->General['login_cookie_expire'] : 0; $authCookiePath = Config::getInstance()->General['login_cookie_path']; $cookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath); if (!$authResult->wasAuthenticationSuccessful()) { $cookie->delete(); throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect')); } $cookie->set('login', $login); $cookie->set('token_auth', $this->getHashTokenAuth($login, $authResult->getTokenAuth())); $cookie->setSecure(ProxyHttp::isHttps()); $cookie->setHttpOnly(true); $cookie->save(); @Session::regenerateId(); // remove password reset entry if it exists Login::removePasswordResetInfo($login); }