/**
 * Session middleware: resolves the session for the request, runs the next
 * layer, then persists the session.
 *
 * OPTIONS requests are returned immediately with no session handling.
 *
 * NOTE(review): the session ID comes from the client-controlled
 * 'AliceSPA-SessionID' header and is passed straight to loadSession().
 * Whether loadSession() rejects unknown or expired IDs (rather than adopting
 * a client-chosen one) is not visible here; confirm it does, since adopting
 * one would allow session fixation.
 *
 * NOTE(review): storeSession() is skipped if $next throws, because there is
 * no try/finally around the call.
 *
 * @param mixed    $req  Request object; must expose isOptions().
 * @param mixed    $res  Response object.
 * @param callable $next Next middleware, called as $next($req, $res).
 *
 * @return mixed The response from $next, or $res unchanged for OPTIONS.
 */
function __invoke($req, $res, $next)
{
    if ($req->isOptions()) {
        return $res;
    }

    $headerValues = utils::getRequestHeader($req, 'AliceSPA-SessionID');
    // Use the first header value when one is present; otherwise pass the
    // empty lookup result through to loadSession() unchanged.
    $clientSessionId = empty($headerValues) ? $headerValues : $headerValues[0];

    // loadSession() returns the ID that is used from here on.
    $sessionId = sessionServ::getInstance()->loadSession($clientSessionId);
    apip::getInstance()->setSessionId($sessionId);

    $res = $next($req, $res);

    sessionServ::getInstance()->storeSession($sessionId);

    return $res;
}
/**
 * Check a submitted verification code against the one held in the session.
 *
 * Codes are read from the session key 'AliceSPA_VerificationCodes', indexed
 * first by $type and then by $codeId. Each entry is read for its 'Code' and
 * 'CreateTime' fields.
 *
 * NOTE(review): this method neither removes the code after a successful
 * match nor counts failed attempts. Confirm that callers invalidate used
 * codes and rate-limit guesses; otherwise a short code can be guessed by
 * repetition within its validity window.
 * NOTE(review): `===` is not a constant-time comparison. Where the runtime
 * provides hash_equals(), consider it for comparing the secret.
 *
 * @param mixed    $codeId    Identifier of the issued code.
 * @param mixed    $code      Submitted code; must be strictly identical to the stored one.
 * @param mixed    $type      Code category (first-level key).
 * @param int|null $validTime Maximum age, compared against time(), so presumably
 *                            seconds (TODO confirm); null disables the age check.
 *
 * @return bool True when the code matches and, if $validTime is given, is still fresh.
 */
public function check($codeId, $code, $type, $validTime = null)
{
    $stored = session::getInstance()->get('AliceSPA_VerificationCodes');

    if (empty($stored) || empty($stored[$type]) || empty($stored[$type][$codeId])) {
        return false;
    }

    $entry = $stored[$type][$codeId];

    if ($entry['Code'] !== $code) {
        return false;
    }

    if ($validTime === null) {
        return true;
    }

    // Still valid only if created after the cut-off (now minus the allowed age).
    return utils::datetimeMysql2PHP($entry['CreateTime']) > time() - $validTime;
}
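// Tail of a method whose signature lies before this excerpt: it returns the
// loaded session data, or false when no session is loaded.
        if ($this->session === null) {
            return false;
        }

        return $this->session;
    }

    /**
     * Store a value in the loaded session.
     *
     * TODO (original author note): false may itself be a legitimate session
     * value, so the false/null sentinels in this class are ambiguous.
     *
     * @param mixed $key   Session key.
     * @param mixed $value Value to store.
     *
     * @return bool False when no session is loaded, true once the value is stored.
     */
    public function set($key, $value)
    {
        if ($this->session === null) {
            return false;
        }

        $this->session[$key] = $value;

        // Report success explicitly so the false failure result can be told
        // apart from it.
        return true;
    }

    /**
     * Read a value from the loaded session.
     *
     * TODO (original author note): a stored null or false cannot be told
     * apart from "no session" or "no such key" through the return value.
     *
     * @param mixed $key Session key.
     *
     * @return mixed The stored value, or null when no session is loaded or the key is absent.
     */
    public function get($key)
    {
        if ($this->session === null) {
            return null;
        }

        // Guard the lookup: reading a missing key would raise an
        // undefined-index notice or warning before yielding null.
        return isset($this->session[$key]) ? $this->session[$key] : null;
    }

    /**
     * Delete session rows older than the configured validity period.
     *
     * Removes rows from 'aspa_session' whose create_time is earlier than now
     * minus the core config value 'sessionValidTime'.
     *
     * NOTE(review): expiry is keyed on create_time, so this looks like an
     * absolute lifetime rather than an idle timeout. Confirm that is intended.
     *
     * @return bool Always true.
     */
    public function clearSessions()
    {
        $db = db::getInstance();
        $cutoff = utils::datetimePHP2Mysql(time() - configHelper::getCoreConfig()['sessionValidTime']);

        $db->delete('aspa_session', ['create_time[<]' => $cutoff]);

        return true;
    }
}

// Register the Session singleton in the container under 'session'.
$container['session'] = function () {
    return \AliceSPA\Service\Session::getInstance();
};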
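<?php

use AliceSPA\Helper\Utilities as utils;

// NOTE(review): this route is registered without utils::secureRoute().
// Confirm that Environment:getErrors does not return sensitive details
// (stack traces, paths, configuration) to unauthenticated callers.
$app->get('/AliceSPA/api/environment/errors', '\\AliceSPA\\Controller\\Environment:getErrors');

// Deliberately empty handler: per the original note, the work for this
// endpoint is done in the session middleware.
$app->get('/AliceSPA/api/environment/checkSession', function ($req, $res, $args) {
    return $res;
});

// Purges expired sessions. The route is passed to secureRoute() with
// ['admin'], presumably restricting it to the admin role (verify in
// Utilities::secureRoute).
utils::secureRoute(
    $app->post('/AliceSPA/api/environment/clearSessions', function ($req, $res, $args) {
        \AliceSPA\Service\Session::getInstance()->clearSessions();

        // Return the response explicitly, as the checkSession handler does.
        return $res;
    }),
    ['admin']
);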