コード例 #1
 /**
  * A request whose User-Agent differs from the one that started the session
  * must not be handed the previously stored session data.
  *
  * Two Session objects are built on one shared ArraySession store. The first
  * is initialised with User-Agent "test", the second with User-Agent
  * "changed"; every other server parameter (including REMOTE_ADDR) is the
  * same. After the second start() the "test" value is expected to be gone and
  * the stored fingerprint to differ from the one recorded by the first start.
  *
  * NOTE(review): how the fingerprint is derived is not visible here —
  * presumably from request attributes such as the User-Agent; confirm against
  * the Session implementation.
  */
 public function testStartInvalidFingerprint()
 {
     // Shared backing store, pre-seeded with the value that must not survive.
     $storage = new \FabysCore\Component\Session\Type\ArraySession(
         new \FabysCore\Component\Session\Handler\NativeSessionHandler()
     );
     $storage->set("test", "value");

     $baseServer = [
         "HTTP_USER_AGENT" => "test",
         "REMOTE_ADDR" => "127.0.0.1",
         "REQUEST_METHOD" => "GET",
         "HTTP_HOST" => "localhost",
         "REQUEST_URI" => "/",
         "SCRIPT_NAME" => "index.php",
     ];
     $response = new \FabysCore\Component\HTTP\Response();

     // Records that init() invoked the next middleware.
     $called = false;
     $markCalled = function (
         \Psr\Http\Message\ServerRequestInterface $request,
         \Psr\Http\Message\ResponseInterface $response
     ) use (&$called) {
         $called = true;
     };

     // First client: starts the session and gets a fingerprint recorded.
     $firstRequest = \FabysCore\Component\HTTP\ServerRequest::createNew([], [], [], [], $baseServer);
     $session = new \FabysCore\Component\Session\Session($storage, 60);
     $session->init($firstRequest, $response, $markCalled);
     $this->assertTrue($called);
     $this->assertTrue($session->start());
     $this->assertEquals("value", $session->get("test"));
     $fingerPrint = $session->get("fabyscore._sessfingerprint");
     $this->assertNotEmpty($fingerPrint);

     // Second client: identical request except for the User-Agent header.
     $secondRequest = \FabysCore\Component\HTTP\ServerRequest::createNew(
         [],
         [],
         [],
         [],
         array_replace($baseServer, ["HTTP_USER_AGENT" => "changed"])
     );
     $session2 = new \FabysCore\Component\Session\Session($storage, 60);
     $called = false;
     $session2->init($secondRequest, $response, $markCalled);
     $this->assertTrue($called);
     $this->assertTrue($session2->start());

     // The checks below read through the first Session object; both objects
     // wrap the same store. NOTE(review): confirm $session (not $session2) is
     // the intended subject here.
     $this->assertNull($session->get("test"));
     // NOTE(review): this also passes when the fingerprint key is simply
     // absent after the reset, since $fingerPrint is non-empty; it does not by
     // itself prove that a fresh fingerprint was written.
     $this->assertNotEquals($fingerPrint, $session->get("fabyscore._sessfingerprint"));
 }
コード例 #2
 /**
  * Middleware step that restores the current user from session data.
  *
  * Reads "security._user" and "security._logintoken" from the session. When
  * both are present, the user provider is asked to refresh the user and the
  * result is stored on $this->user. When the user id is present but the login
  * token is missing, the stale "security._user" entry is removed. In every
  * case the next middleware is invoked and its result returned.
  *
  * NOTE(review): what refreshUser() does when the token does not match the
  * user is not visible here — confirm that it rejects the pair (throws or
  * yields no user), and whether the session entries should be cleared in that
  * case, since this method leaves them in place.
  *
  * @param ServerRequestInterface $request
  * @param ResponseInterface $response
  * @param callable $next next middleware, called as $next($request, $response)
  * @return ResponseInterface
  */
 public function authenticateSession(ServerRequestInterface $request, ResponseInterface $response, callable $next)
 {
     $sessionUserId = $this->session->get("security._user");

     if ($sessionUserId !== null) {
         $sessionToken = $this->session->get("security._logintoken");

         if ($sessionToken !== null) {
             // Both halves of the login state are present: reload the user.
             $this->user = $this->userProvider->refreshUser((string) $sessionUserId, $sessionToken);
         } else {
             // A user id without its login token is not trusted; drop it so
             // later requests start from a clean, unauthenticated state.
             $this->session->delete("security._user");
         }
     }

     // The chain always continues, authenticated or not.
     return $next($request, $response);
 }