Home Explore Help
Sign In
ouidade
/
lecampus.valdedrome.com
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: adc7d775dc
Branches Tags
lecampus.val...
/
system
/
src
/
Grav
/
Common
/
Service
/
SessionServiceProvider.php

SessionServiceProvider.php 5.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @package    Grav\Common\Service
    5. 

  5.  *
    6. 

  6.  * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
    7. 

  7.  * @license    MIT License; see LICENSE file for details.
    8. 

  8.  */
    9. 

  9. 

  10. namespace Grav\Common\Service;
    11. 

  11. 

  12. use Grav\Common\Config\Config;
    13. 

  13. use Grav\Common\Debugger;
    14. 

  14. use Grav\Common\Session;
    15. 

  15. use Grav\Common\Uri;
    16. 

  16. use Grav\Common\Utils;
    17. 

  17. use Grav\Framework\Session\Messages;
    18. 

  18. use Pimple\Container;
    19. 

  19. use Pimple\ServiceProviderInterface;
    20. 

  20. 

  21. /**
    22. 

  22.  * Class SessionServiceProvider
    23. 

  23.  * @package Grav\Common\Service
    24. 

  24.  */
    25. 

  25. class SessionServiceProvider implements ServiceProviderInterface
    26. 

  26. {
    27. 

  27.     /**
    28. 

  28.      * @param Container $container
    29. 

  29.      * @return void
    30. 

  30.      */
    31. 

  31.     public function register(Container $container)
    32. 

  32.     {
    33. 

  33.         // Define session service.
    34. 

  34.         $container['session'] = static function ($c) {
    35. 

  35.             /** @var Config $config */
    36. 

  36.             $config = $c['config'];
    37. 

  37. 

  38.             /** @var Uri $uri */
    39. 

  39.             $uri = $c['uri'];
    40. 

  40. 

  41.             // Get session options.
    42. 

  42.             $enabled = (bool)$config->get('system.session.enabled', false);
    43. 

  43.             $cookie_secure = $config->get('system.session.secure', false)
    44. 

  44.                 || ($config->get('system.session.secure_https', true) && $uri->scheme(true) === 'https');
    45. 

  45.             $cookie_httponly = (bool)$config->get('system.session.httponly', true);
    46. 

  46.             $cookie_lifetime = (int)$config->get('system.session.timeout', 1800);
    47. 

  47.             $cookie_domain = $config->get('system.session.domain');
    48. 

  48.             $cookie_path = $config->get('system.session.path');
    49. 

  49.             $cookie_samesite = $config->get('system.session.samesite', 'Lax');
    50. 

  50. 

  51.             if (null === $cookie_domain) {
    52. 

  52.                 $cookie_domain = $uri->host();
    53. 

  53.                 if ($cookie_domain === 'localhost') {
    54. 

  54.                     $cookie_domain = '';
    55. 

  55.                 }
    56. 

  56.             }
    57. 

  57. 

  58.             if (null === $cookie_path) {
    59. 

  59.                 $cookie_path = '/' . trim(Uri::filterPath($uri->rootUrl(false)), '/');
    60. 

  60.             }
    61. 

  61.             // Session cookie path requires trailing slash.
    62. 

  62.             $cookie_path = rtrim($cookie_path, '/') . '/';
    63. 

  63. 

  64.             // Activate admin if we're inside the admin path.
    65. 

  65.             $is_admin = false;
    66. 

  66.             if ($config->get('plugins.admin.enabled')) {
    67. 

  67.                 $admin_base = '/' . trim($config->get('plugins.admin.route'), '/');
    68. 

  68. 

  69.                 // Uri::route() is not processed yet, let's quickly get what we need.
    70. 

  70.                 $current_route = str_replace(Uri::filterPath($uri->rootUrl(false)), '', parse_url($uri->url(true), PHP_URL_PATH));
    71. 

  71. 

  72.                 // Test to see if path starts with a supported language + admin base
    73. 

  73.                 $lang = Utils::pathPrefixedByLangCode($current_route);
    74. 

  74.                 $lang_admin_base = '/' . $lang . $admin_base;
    75. 

  75. 

  76.                 // Check no language, simple language prefix (en) and region specific language prefix (en-US).
    77. 

  77.                 if (Utils::startsWith($current_route, $admin_base) || Utils::startsWith($current_route, $lang_admin_base)) {
    78. 

  78.                     $cookie_lifetime = $config->get('plugins.admin.session.timeout', 1800);
    79. 

  79.                     $enabled = $is_admin = true;
    80. 

  80.                 }
    81. 

  81.             }
    82. 

  82. 

  83.             // Fix for HUGE session timeouts.
    84. 

  84.             if ($cookie_lifetime > 99999999999) {
    85. 

  85.                 $cookie_lifetime = 9999999999;
    86. 

  86.             }
    87. 

  87. 

  88.             $session_prefix = $c['inflector']->hyphenize($config->get('system.session.name', 'grav-site'));
    89. 

  89.             $session_uniqueness = $config->get('system.session.uniqueness', 'path') === 'path' ?  substr(md5(GRAV_ROOT), 0, 7) :  md5($config->get('security.salt'));
    90. 

  90. 

  91.             $session_name = $session_prefix . '-' . $session_uniqueness;
    92. 

  92. 

  93.             if ($is_admin && $config->get('system.session.split', true)) {
    94. 

  94.                 $session_name .= '-admin';
    95. 

  95.             }
    96. 

  96. 

  97.             // Define session service.
    98. 

  98.             $options = [
    99. 

  99.                 'name' => $session_name,
    100. 

  100.                 'cookie_lifetime' => $cookie_lifetime,
    101. 

  101.                 'cookie_path' => $cookie_path,
    102. 

  102.                 'cookie_domain' => $cookie_domain,
    103. 

  103.                 'cookie_secure' => $cookie_secure,
    104. 

  104.                 'cookie_httponly' => $cookie_httponly,
    105. 

  105.                 'cookie_samesite' => $cookie_samesite
    106. 

  106.             ] + (array) $config->get('system.session.options');
    107. 

  107. 

  108.             $session = new Session($options);
    109. 

  109.             $session->setAutoStart($enabled);
    110. 

  110. 

  111.             return $session;
    112. 

  112.         };
    113. 

  113. 

  114.         // Define session message service.
    115. 

  115.         $container['messages'] = function ($c) {
    116. 

  116.             if (!isset($c['session']) || !$c['session']->isStarted()) {
    117. 

  117.                 /** @var Debugger $debugger */
    118. 

  118.                 $debugger = $c['debugger'];
    119. 

  119.                 $debugger->addMessage('Inactive session: session messages may disappear', 'warming');
    120. 

  120. 

  121.                 return new Messages();
    122. 

  122.             }
    123. 

  123. 

  124.             /** @var Session $session */
    125. 

  125.             $session = $c['session'];
    126. 

  126. 

  127.             if (!$session->messages instanceof Messages) {
    128. 

  128.                 $session->messages = new Messages();
    129. 

  129.             }
    130. 

  130. 

  131.             return $session->messages;
    132. 

  132.         };
    133. 

  133.     }
    134. 

  134. }
    135.