/** * If there is a new session for this user/server, append the token request to the page */ public static function appendTokenRequest() { $cmd = self::$cmd; $session = LigminchaGlobalSession::getCurrent(); // If there is a current session, if ($session) { // If the session is newly created, get an SSO cookie under ligmincha.org for this session ID // - newly created sessions have no expiry // - this is done by appending a 1x1pixel iFrame to the output that will request a token cookie from ligmincha.org if ($session->flag(LG_NEW)) { // We always set a local cookie as well so we can get the current session ID from it self::setCookie($session->id); // Otherwise we need to make the request to the master in the iFrame if (!LigminchaGlobalServer::getCurrent()->isMaster) { $url = LigminchaGlobalServer::masterDomain(); $iframe = "<iframe src=\"http://{$url}?{$cmd}={$session->id}\" frameborder=\"0\" width=\"1\" height=\"1\"></iframe>"; $app = JFactory::getApplication('site'); $app->setBody(str_replace('</body>', "{$iframe}\n</body>", $app->getBody())); lgDebug("SSO cookie request iFrame added to page ({$url})", $session); } // Set the expiry to a longer time that distributed sessions last // - after it expires, user needs to come back to have another made (may not need to log in again) $session->expire = LigminchaGlobalObject::timestamp() + LG_SESSION_DURATION; // Now that the session is real it can route $session->flag(LG_LOCAL, false); // Write changes to the session object into the distributed database $session->update(); } } }
/** * Remove all expired items (these changes are not routed because all servers handle expiration themselves) */ private function expire() { $db = JFactory::getDbo(); $table = self::sqlTable(); $db->setQuery("DELETE FROM {$table} WHERE `expire` > 0 AND `expire`<" . LigminchaGlobalObject::timestamp()); $db->query(); }