/** * {@inheritDoc} * * @todo move to request */ public function isValidSession(Request $request, Session $session) { $valid = true; if ($this->enabled && $request->isSecure()) { $sslSessionId = $request->server->get('SSL_SESSION_ID'); if (null == ($sessionSslSessionId = $session->get(self::SESSION_SSL_SESSION_ID_KEY))) { $session->set(self::SESSION_SSL_SESSION_ID_KEY, $sslSessionId); } else { $valid = $sslSessionId == $sessionSslSessionId; } } return $valid; }
/** * {@inheritDoc} */ public function isValidSession(Request $request, Session $session) { $valid = true; if ($this->enabled) { $ip = $request->getClientIp(); if (null == ($sessionIP = $session->get(self::SESSION_IP_KEY))) { $session->set(self::SESSION_IP_KEY, $ip); } else { $valid = $ip == $sessionIP; } } return $valid; }
/** * {@inheritDoc} */ public function isValidSession(Request $request, Session $session) { $valid = true; if ($this->enabled) { // todo move to request $userAgent = $request->server->get('HTTP_USER_AGENT'); if (null == ($sessionUserAgent = $session->get(self::SESSION_UA_KEY))) { $session->set(self::SESSION_UA_KEY, $userAgent); } else { $valid = $userAgent == $sessionUserAgent; } } return $valid; }