/**
 * Logs the current user out by passing the current session to the authentication service.
 *
 * @see \Ableron\Core\Controller\Action\ActionInterface::execute()
 *
 * @return void
 */
public function execute()
{
    $currentSession = Application::getSession();

    // NOTE(review): what logout() actually clears (user reference, session id, CSRF token)
    // is not visible from here - confirm it invalidates the whole authenticated session
    // state and not only the stored user.
    DefaultAuthenticationService::logout($currentSession);
}
/**
 * Adds a flash message to the flash messages kept in the session.
 *
 * With a message key, the message is stored under that key within its type and replaces
 * whatever was stored there before; without a key it is appended to the list for its type.
 *
 * @see \Ableron\Core\Controller\ControllerInterface::setFlashMessage()
 *
 * @param string $message text of the message, stored exactly as given
 * @param string|null $messageKey optional key identifying the message within its type
 * @param string $messageType type the message is filed under
 * @return void
 */
public function setFlashMessage(string $message, string $messageKey = null, string $messageType = ControllerInterface::MESSAGE_TYPE_ERROR)
{
    // start from the messages that are already queued
    $pendingMessages = $this->getFlashMessages();

    // NOTE(review): the text is stored unescaped; if any caller builds $message from request
    // data, it has to be HTML-escaped where it is rendered - confirm in the view layer.
    if ($messageKey !== null) {
        $pendingMessages[$messageType][$messageKey] = $message;
    } else {
        $pendingMessages[$messageType][] = $message;
    }

    // write the updated set back to the session
    $session = Application::getSession();
    $session->setData($this->flashMessagesSessionKey, $pendingMessages);
}
/**
 * Takes care of possible CSRF attacks.
 *
 * Records the attempt as a CsrfAttemptEntity and replaces the CSRF token stored in the
 * session with a newly generated one, so the previous token is no longer accepted.
 *
 * @return void
 */
private function handlePossibleCsrfAttack()
{
    // record the attempt
    // NOTE(review): only persist() is called here; presumably the entity manager is flushed
    // later in the request - confirm, otherwise the attempt never reaches the log.
    $entityManager = Application::getPersistenceManager()->getEntityManager();
    $entityManager->persist(new CsrfAttemptEntity());

    // rotate the session token
    // NOTE(review): the token is only as unpredictable as StringUtil::getRandomString();
    // confirm it draws from a CSPRNG (random_bytes()/random_int()) rather than rand()/mt_rand().
    $session = Application::getSession();
    $replacementToken = StringUtil::getRandomString($this->tokenLength);
    $session->setData($this->csrfTokensSessionKey, $replacementToken);
}
/**
 * Stores the authenticated user in the current session.
 *
 * Runs the parent form processing first and then attaches $this->user to the session.
 *
 * @see \Ableron\Core\Controller\Page\AbstractPage::processForm()
 *
 * @return void
 */
public function processForm()
{
    parent::processForm();

    // NOTE(review): this is the point where the session becomes authenticated. No session id
    // regeneration is visible in this method - confirm that setUser() (or the session layer)
    // issues a fresh session id here so that an id fixed before login cannot be reused.
    $session = Application::getSession();
    $session->setUser($this->user);
}