/**
* Listener method of the Enlight_Controller_Front_DispatchLoopShutdown event.
* If the request is from a Bot, discard the session
*
* @param \Enlight_Event_EventArgs $args
*/
public function onDispatchLoopShutdown(\Enlight_Event_EventArgs $args)
{
$container = Shopware()->Container();
if ($container->initialized('session') && $container->get('session')->Bot && PHP_SAPI !== 'cli') {
Enlight_Components_Session::destroy();
}
}
/**
* @return Enlight_Components_Session_Namespace
*/
public function initSession()
{
$configSession = array_merge(array('name' => 'ENLIGHTSID', 'cookie_lifetime' => 0, 'use_trans_sid' => 0, 'gc_probability' => 1), (array) $this->Application()->getOption('session'));
Enlight_Components_Session::start($configSession);
$this->registerResource('SessionId', Enlight_Components_Session::getId());
$namespace = new Enlight_Components_Session_Namespace('Default');
return $namespace;
}
/**
* Starts the redis connection.
* @param Container $container
* @return \Enlight_Components_Session_Namespace
*/
public function factory(Container $container)
{
$sessionOptions = Shopware()->getOption('session', []);
if (@$sessionOptions['save_handler'] === 'redis') {
$redisOptions = array_merge(['exceptions' => true, 'prefix' => 'session:'], Shopware()->getOption('sessionredis', []));
$client = new PredisClient($redisOptions);
\Enlight_Components_Session::setSaveHandler(new SaveHandler($client));
}
// if
return parent::factory($container);
}
/**
* Set some properties only available at runtime
*/
public function __construct()
{
parent::__construct();
// Add conditions to user queries
foreach ($this->conditions as $condition) {
$this->addCondition($condition);
}
$this->setSessionId(Enlight_Components_Session::getId());
}
/**
* @param Enlight_Controller_Request_Request $request
*/
public function refreshBasket($request)
{
$currentController = $request->getParam('requestController', $request->getControllerName());
$sessionId = (string) Enlight_Components_Session::getId();
if (!empty($currentController) && !empty($sessionId)) {
$userId = (int) Shopware()->Session()->sUserId;
$userAgent = (string) $request->getServer("HTTP_USER_AGENT");
$sql = "\n UPDATE s_order_basket\n SET lastviewport = ?,\n useragent = ?,\n userID = ?\n WHERE sessionID=?\n ";
Shopware()->Db()->query($sql, array($currentController, $userAgent, $userId, $sessionId));
}
}
/**
* authenticate() - defined by Zend_Auth_Adapter_Interface. This method is called to
* attempt an authentication. Previous to this call, this adapter would have already
* been configured with all necessary information to successfully connect to a database
* table and attempt to find a record matching the provided identity.
*
* @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
* @return Zend_Auth_Result
*/
public function authenticate()
{
$result = parent::authenticate();
$select = $this->_zendDb->select();
$select->from($this->_tableName);
$select->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
$user = $this->_zendDb->fetchRow($select, array(), Zend_Db::FETCH_OBJ);
if ($result->isValid()) {
// Check if user role is active
$sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
if ($this->_zendDb->fetchOne($sql, array($user->roleID)) == false) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array());
}
Enlight_Components_Session::regenerateId();
// close and restart session to make sure the db session handler writes updates.
session_write_close();
session_start();
$this->setSessionId(Enlight_Components_Session::getId());
$this->updateExpiry();
$this->updateSessionId();
//reset failed login count
$this->setFailedLogins(0);
} else {
// If more then 4 previous failed logins lock account for n * failedlogins seconds
if ($user->failedlogins >= 4) {
$lockedUntil = new Zend_Date();
$lockedUntil->addSecond($this->lockSeconds * $user->failedlogins);
$this->setLockedUntil($lockedUntil);
}
// Increase number of failed logins
$this->setFailedLogins($user->failedlogins + 1);
if (isset($lockedUntil)) {
return new Zend_Auth_Result(-4, $this->_identity, array('lockedUntil' => $lockedUntil));
}
}
return $result;
}
/**
* Init session method
*
* @return Enlight_Components_Session_Namespace
*/
protected function initSession()
{
$sessionOptions = $this->Application()->getOption('session', array());
if (!empty($sessionOptions['unitTestEnabled'])) {
Enlight_Components_Session::$_unitTestEnabled = true;
}
unset($sessionOptions['unitTestEnabled']);
if (Enlight_Components_Session::isStarted()) {
Enlight_Components_Session::writeClose();
}
/** @var $shop \Shopware\Models\Shop\Shop */
$shop = $this->getResource('Shop');
$name = 'session-' . $shop->getId();
//$path = rtrim($shop->getBasePath(), '/') . '/';
//$host = $shop->getHost();
//$host = $host === 'localhost' ? null : $host;
$sessionOptions['name'] = $name;
//$sessionOptions['cookie_path'] = $path;
//$sessionOptions['cookie_domain'] = $host;
if (!isset($sessionOptions['save_handler']) || $sessionOptions['save_handler'] == 'db') {
$config_save_handler = array(
'db' => $this->getResource('Db'),
'name' => 's_core_sessions',
'primary' => 'id',
'modifiedColumn' => 'modified',
'dataColumn' => 'data',
'lifetimeColumn' => 'expiry'
);
Enlight_Components_Session::setSaveHandler(
new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)
);
unset($sessionOptions['save_handler']);
}
Enlight_Components_Session::start($sessionOptions);
$this->registerResource('SessionID', Enlight_Components_Session::getId());
$namespace = new Enlight_Components_Session_Namespace('Shopware');
return $namespace;
}
/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @throws Exception
* @return null|\Zend_Auth
*/
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
$options = $this->Application()->getOption('backendSession', array());
if (!isset($options['cookie_path']) && $this->request !== null) {
$options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/';
}
if (empty($options['gc_maxlifetime'])) {
$backendTimeout = $this->Config()->get('backendTimeout', 60 * 90);
$options['gc_maxlifetime'] = $backendTimeout;
}
$refererCheck = false; $clientCheck = false;
if(is_bool($options['referer_check'])) {
$refererCheck = $options['referer_check'];
unset($options['referer_check']);
}
if(!empty($options['client_check'])) {
$clientCheck = true;
}
unset($options['client_check']);
Enlight_Components_Session::start($options);
$referer = $this->request->getHeader('referer');
if($refererCheck && $referer !== null
&& strpos($referer, 'http') === 0) {
$referer = substr($referer, 0, strpos($referer, '/backend/'));
$referer .= '/backend/';
if(!isset($_SESSION['__SW_REFERER'])) {
$_SESSION['__SW_REFERER'] = $referer;
} elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
Enlight_Components_Session::destroy();
throw new Exception('Referer check for backend session failed');
}
}
$client = $this->request->getHeader('userAgent');
if($clientCheck && $client !== null) {
if(!isset($_SESSION['__SW_CLIENT'])) {
$_SESSION['__SW_CLIENT'] = $client;
} elseif ($client !== $_SESSION['__SW_CLIENT']) {
Enlight_Components_Session::destroy();
throw new Exception('Client check for backend session failed');
}
}
return new Enlight_Components_Session_Namespace('ShopwareBackend');
}
/**
* Loads current user's locale or, if none exists, the default fallback
*
* @return \Shopware\Models\Shop\Locale
*/
protected function getCurrentLocale()
{
$options = $this->Application()->getOption('backendSession', array());
$options = $this->prepareSessionOptions($options);
Enlight_Components_Session::setOptions($options);
if (Enlight_Components_Session::sessionExists()) {
$auth = Shopware()->Auth();
if ($auth->hasIdentity()) {
$user = $auth->getIdentity();
if (isset($user->locale)) {
return $user->locale;
}
}
}
$default = $this->getDefaultLocale();
$locale = Shopware()->Models()->getRepository('Shopware\\Models\\Shop\\Locale')->find($default);
return $locale;
}
/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @throws Exception
* @return null|\Zend_Auth
*/
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
$options = $this->Application()->getOption('backendSession', array());
if (!isset($options['cookie_path']) && $this->request !== null) {
$options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/';
}
if (empty($options['gc_maxlifetime'])) {
$backendTimeout = $this->Config()->get('backendTimeout', 60 * 90);
$options['gc_maxlifetime'] = $backendTimeout;
}
$refererCheck = false;
$clientCheck = false;
if (is_bool($options['referer_check'])) {
$refererCheck = $options['referer_check'];
unset($options['referer_check']);
}
if (!empty($options['client_check'])) {
$clientCheck = true;
}
unset($options['client_check']);
if (!isset($options['save_handler']) || $options['save_handler'] == 'db') {
// SW-4819 Add database backend support
$config_save_handler = array('name' => 's_core_sessions_backend', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry');
Enlight_Components_Session::setSaveHandler(new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler));
}
Enlight_Components_Session::start($options);
if ($refererCheck && ($referer = $this->request->getHeader('referer')) !== null && strpos($referer, 'http') === 0) {
$referer = substr($referer, 0, strpos($referer, '/backend/'));
$referer .= '/backend/';
if (!isset($_SESSION['__SW_REFERER'])) {
$_SESSION['__SW_REFERER'] = $referer;
} elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
Enlight_Components_Session::destroy();
throw new Exception('Referer check for backend session failed');
}
}
if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) {
if (!isset($_SESSION['__SW_CLIENT'])) {
$_SESSION['__SW_CLIENT'] = $client;
} elseif ($client !== $_SESSION['__SW_CLIENT']) {
Enlight_Components_Session::destroy();
throw new Exception('Client check for backend session failed');
}
}
return new Enlight_Components_Session_Namespace('ShopwareBackend');
}
/**
* @param Container $container
* @return \Enlight_Components_Session_Namespace
*/
public function factory(Container $container)
{
$sessionOptions = Shopware()->getOption('session', array());
if (!empty($sessionOptions['unitTestEnabled'])) {
\Enlight_Components_Session::$_unitTestEnabled = true;
}
unset($sessionOptions['unitTestEnabled']);
if (\Enlight_Components_Session::isStarted()) {
\Enlight_Components_Session::writeClose();
}
/** @var $shop \Shopware\Models\Shop\Shop */
$shop = $container->get('Shop');
$name = 'session-' . $shop->getId();
$sessionOptions['name'] = $name;
if (!isset($sessionOptions['save_handler']) || $sessionOptions['save_handler'] == 'db') {
$config_save_handler = array('db' => $container->get('Db'), 'name' => 's_core_sessions', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry');
\Enlight_Components_Session::setSaveHandler(new \Enlight_Components_Session_SaveHandler_DbTable($config_save_handler));
unset($sessionOptions['save_handler']);
}
\Enlight_Components_Session::start($sessionOptions);
$container->set('SessionID', \Enlight_Components_Session::getId());
$namespace = new \Enlight_Components_Session_Namespace('Shopware');
$namespace->offsetSet('sessionId', \Enlight_Components_Session::getId());
return $namespace;
}
