/**
 * Starts the session.
 *
 * Marks the session as started, resolves the session id from the signed
 * session cookie (generating a new id when the cookie lookup yields FALSE),
 * refreshes the cookie, loads the stored data and makes sure a
 * 'mako.token' entry exists in it.
 *
 * @access public
 * @throws LogicException When the session has already been started
 */
public function start()
{
    // Starting twice is a programming error, so refuse loudly
    if ($this->started) {
        throw new LogicException(sprintf("%s(): The session has already been started.", __METHOD__));
    }

    $this->started = true;

    // The id is only read through signedCookie(); FALSE is the fallback value passed in.
    // NOTE(review): presumably a cookie whose signature does not verify also yields FALSE - confirm in the request class
    $idFromCookie = $this->request->signedCookie($this->cookieName, false);

    $this->sessionId = $idFromCookie;

    if ($idFromCookie === false) {
        $this->sessionId = $this->generateId();
    }

    // NOTE(review): an id taken from the cookie is reused as-is; rotating it on
    // login/privilege change is not visible in this method - confirm it happens elsewhere

    // Issue or renew the session cookie, then read the stored data
    $this->setCookie();

    $this->loadData();

    // Make sure the loaded data carries a token; one is generated only when the entry is empty
    $tokenKey = 'mako.token';

    if (empty($this->sessionData[$tokenKey])) {
        $this->sessionData[$tokenKey] = $this->generateId();
    }

    $this->token = $this->sessionData[$tokenKey];
}
/**
 * Checks if a user is logged in.
 *
 * The access token is read from the session first and from the signed
 * cookie second; a token found only in the cookie is copied into the
 * session. The user is accepted only when the provider returns one that
 * is neither banned nor unactivated; otherwise logout() is called.
 *
 * @access protected
 * @return mako\auth\user\UserInterface|null
 */
protected function check()
{
    // A user has already been resolved, nothing left to do
    if (!empty($this->user)) {
        return $this->user;
    }

    $accessToken = $this->session->get($this->authKey, false);

    if ($accessToken === false) {
        // No token in the session, fall back to the signed cookie
        $accessToken = $this->request->signedCookie($this->authKey, false);

        if ($accessToken === false) {
            // No token anywhere, so nobody can be logged in
            return $this->user;
        }

        $this->session->put($this->authKey, $accessToken);
    }

    $candidate = $this->userProvider->getByAccessToken($accessToken);

    // Only a found, non-banned and activated user is accepted
    $isAcceptable = $candidate !== false && !$candidate->isBanned() && $candidate->isActivated();

    if ($isAcceptable) {
        $this->user = $candidate;
    } else {
        // Unknown token or rejected account: drop the login state
        $this->logout();
    }

    return $this->user;
}
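/**
 * Checks if a user is logged in.
 *
 * The access token is read from the session first and from the signed
 * cookie second; a token found only in the cookie is copied into the
 * session. The user model is then looked up by its 'token' column. A
 * lookup that finds nothing, or finds a banned or unactivated user,
 * triggers logout() and leaves no user set on the instance.
 *
 * @access protected
 * @return \padlock\models\User|null
 */
protected function check()
{
    if (empty($this->user)) {
        // Check if there's a user that can be logged in
        $token = $this->session->get($this->authKey, false);

        if ($token === false) {
            $token = $this->request->signedCookie($this->authKey, false);

            if ($token !== false) {
                // Keep the cookie token in the session so later checks find it there
                $this->session->put($this->authKey, $token);
            }
        }

        if ($token !== false) {
            $model = $this->userModel;

            $this->user = $model::where('token', '=', $token)->first();

            // NOTE(review): this assumes first() returns FALSE when nothing matches; if it can
            // return NULL the isBanned() call below fails on a non-object - confirm against the ORM
            if ($this->user === false || $this->user->isBanned() || !$this->user->isActivated()) {
                $this->logout();

                // Fail closed: the lookup result was stored before it was validated, so clear it
                // here instead of relying on logout() to do so. This also keeps the return value
                // at NULL (as documented) rather than FALSE or a rejected user object.
                $this->user = null;
            }
        }

        // Set checked status to TRUE
        $this->isChecked = true;
    }

    return $this->user;
}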
/**
 * Calling signedCookie() without arguments on a freshly constructed
 * Request is expected to raise a RuntimeException.
 *
 * NOTE(review): presumably this fails because no signer has been given to the
 * request - confirm against Request::signedCookie().
 *
 * @expectedException \RuntimeException
 */
public function testSignedCookieException()
{
    (new Request())->signedCookie();
}