/**
* @param \Symfony\Component\HttpFoundation\Session\Session $session
*/
public function handleSessionValidation(SymfonySession $session)
{
$ip_address = new IPAddress($this->request->getClientIp());
$request_ip = $ip_address->getIp(IPAddress::FORMAT_IP_STRING);
$invalidate = false;
$ip = $session->get('CLIENT_REMOTE_ADDR');
$agent = $session->get('CLIENT_HTTP_USER_AGENT');
$request_agent = $this->request->server->get('HTTP_USER_AGENT');
// Validate the request IP
if ($this->shouldCompareIP() && $ip && $ip != $request_ip) {
if ($this->logger) {
$this->logger->debug('Session Invalidated. Session IP "{session}" did not match provided IP "{client}".', array('session' => $ip, 'client' => $request_ip));
}
$invalidate = true;
}
// Validate the request user agent
if ($this->shouldCompareAgent() && $agent && $agent != $request_agent) {
if ($this->logger) {
$this->logger->debug('Session Invalidated. Session user agent "{session}" did not match provided agent "{client}"', array('session' => $agent, 'client' => $request_agent));
}
$invalidate = true;
}
if ($invalidate) {
$session->invalidate();
} else {
if (!$ip && $request_ip) {
$session->set('CLIENT_REMOTE_ADDR', $request_ip);
}
if (!$agent && $request_agent) {
$session->set('CLIENT_HTTP_USER_AGENT', $request_agent);
}
}
}
public function getIP()
{
$ip = new IPAddress($this->ip, true);
return $ip->getIp(IPAddress::FORMAT_IP_STRING);
}