/**
 * Builds the encrypted auth token for the given user.
 *
 * The payload is a small associative array with short keys (to keep the cookie or session value small):
 *  - 'u'  username
 *  - 'vu' "valid until" Unix timestamp: now + 30 days when tokenRememberMe is set, otherwise now + 1 day
 *  - 'ap' name of the auth provider
 *  - 'up' name of the user provider
 *
 * The payload is JSON-encoded, encrypted with the configured encryption key, stripped of trailing '='
 * characters and URL-encoded.
 *
 * @param AbstractUser $user Instance of AbstractUser class that holds the pre-filled object from user provider.
 *
 * @return string URL-encoded encrypted token.
 */
public function encryptUserData(AbstractUser $user)
{
    // Token lifetime in seconds: 30 days for "remember me", 1 day otherwise.
    $lifetime = $this->tokenRememberMe ? 86400 * 30 : 86400;

    // The expiry only lives inside the payload, so the code that decrypts the token has to enforce 'vu';
    // nothing in this method does.
    $payload = [
        'u'  => $user->getUsername(),
        'vu' => time() + $lifetime,
        'ap' => $user->getAuthProviderName(),
        'up' => $user->getUserProviderName(),
    ];

    // NOTE(review): the fields above are trusted once decrypted, so tamper-resistance rests entirely on
    // getCrypt()->encrypt() - confirm it is an authenticated (integrity-protected) scheme.
    $cipherText = $this->getCrypt()->encrypt($this->jsonEncode($payload), $this->getEncryptionKey());

    // Trailing '=' is presumably base64 padding; the decrypting side must cope with it missing - confirm.
    $unpadded = rtrim($cipherText, '=');

    return urlencode($unpadded);
}
/**
 * Logs the current user out.
 *
 * Steps, in order:
 *  1. delete the user auth token,
 *  2. if the current user is authenticated, call logoutCallback() on that user's auth provider,
 *  3. replace the current user with an AnonymousUser and clear the authenticated flag,
 *  4. fire SecurityEvent::LOGOUT.
 *
 * No redirect is issued by this method itself; a redirect to logout.target, if any, has to be done by the
 * caller or by a listener of the logout event.
 *
 * NOTE(review): only the auth token is deleted here. Whether the underlying HTTP session is also
 * invalidated on logout is not visible from this method - confirm.
 *
 * @return bool Always true.
 */
public function processLogout()
{
    // The token goes first, so it is removed even if the provider callback below fails.
    $this->getToken()->deleteUserToken();

    $wasAuthenticated = $this->getUser()->isAuthenticated();
    if ($wasAuthenticated) {
        // Let the provider that authenticated this user run its own logout logic.
        $providerName = $this->user->getAuthProviderName();
        $this->getAuthProvider($providerName)->logoutCallback();
    }

    // From here on the request is handled as anonymous.
    $this->user = new AnonymousUser();
    $this->userAuthenticated = false;

    $this->eventManager()->fire(SecurityEvent::LOGOUT);

    return true;
}
/**
 * Builds the encrypted auth token for the given user.
 *
 * The payload is a small associative array with short keys (to keep the cookie or session value small):
 *  - 'u'   username
 *  - 'r'   list of role identifiers, one getRole() value per role of the user
 *  - 'vu'  "valid until" Unix timestamp, now + 30 days
 *  - 'sid' id of the current HTTP session
 *  - 'ap'  name of the auth provider
 *
 * The payload is JSON-encoded and encrypted with the configured encryption key.
 *
 * @param AbstractUser $user Instance of AbstractUser class that holds the pre-filled object from user provider.
 *
 * @return string Encrypted token.
 */
public function encryptUserData(AbstractUser $user)
{
    // Flatten the role objects to their identifiers.
    $roleNames = [];
    foreach ($user->getRoles() as $role) {
        $roleNames[] = $role->getRole();
    }

    // Fixed lifetime of 30 days, in seconds.
    $lifetime = 86400 * 30;

    // Roles and expiry travel inside the token, so the decrypting side has to enforce 'vu' and, presumably,
    // compare 'sid' with the live session; neither check happens in this method.
    $payload = [
        'u'   => $user->getUsername(),
        'r'   => $roleNames,
        'vu'  => time() + $lifetime,
        'sid' => $this->httpSession()->getSessionId(),
        'ap'  => $user->getAuthProviderName(),
    ];

    // NOTE(review): the embedded roles are trusted once decrypted, so tamper-resistance rests entirely on
    // getCrypt()->encrypt() - confirm it is an authenticated (integrity-protected) scheme.
    $json = $this->jsonEncode($payload);

    return $this->getCrypt()->encrypt($json, $this->getEncryptionKey());
}