/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @throws Exception
* @return null|\Zend_Auth
*/
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
$options = $this->Application()->getOption('backendSession', array());
$refererCheck = (bool) $options['referer_check'];
$clientCheck = (bool) $options['client_check'];
$options = $this->prepareSessionOptions($options);
if (!isset($options['save_handler']) || $options['save_handler'] == 'db') {
$config_save_handler = array('name' => 's_core_sessions_backend', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry', 'lifetime' => $options['gc_maxlifetime'] ?: PHP_INT_MAX);
Enlight_Components_Session::setSaveHandler(new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler));
}
Enlight_Components_Session::start($options);
if (!$this->isBackendHomepage() && $refererCheck && $this->shouldAuth() && ($referer = $this->request->getHeader('referer')) !== null && strpos($referer, 'http') === 0) {
$referer = substr($referer, 0, strpos($referer, '/backend/'));
$referer .= '/backend/';
if (!isset($_SESSION['__SW_REFERER'])) {
$_SESSION['__SW_REFERER'] = $referer;
} elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
Enlight_Components_Session::destroy();
throw new Exception('Referer check for backend session failed');
}
}
if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) {
if (!isset($_SESSION['__SW_CLIENT'])) {
$_SESSION['__SW_CLIENT'] = $client;
} elseif ($client !== $_SESSION['__SW_CLIENT']) {
Enlight_Components_Session::destroy();
throw new Exception('Client check for backend session failed');
}
}
return new Enlight_Components_Session_Namespace('ShopwareBackend');
}
/**
* @param Request $request
* @return bool
*/
public function acceptsRequest(Request $request)
{
return (bool) preg_match('{\\bChrome/\\d+[\\.\\d+]*\\b}', $request->getHeader('User-Agent'));
}
/**
* @param Request $request
* @return bool
*/
public function acceptsRequest(Request $request)
{
$firePhpVersion = $request->getHeader('X-FirePHP-Version');
$userAgent = preg_match('{\\bFirePHP/\\d+\\.\\d+\\b}', $request->getHeader('User-Agent'));
return $firePhpVersion || $userAgent;
}
/**
* Checks that at least one surrogate has ESI/1.0 capability.
*
* @param Request $request A Request instance
*
* @return bool true if one surrogate has ESI/1.0 capability, false otherwise
*/
private function hasSurrogateEsiCapability(Request $request)
{
if (null === ($value = $request->getHeader('Surrogate-Capability'))) {
return false;
}
return false !== strpos($value, 'ESI/1.0');
}
