Magento Extensions Rating 2024
Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
Public Member Functions | Data Fields | Protected Attributes
Session Class Reference
Inheritance diagram for Session:
SessionManager StorageInterface SessionManagerInterface

Public Member Functions

 __construct (\Magento\Framework\App\Request\Http $request, \Magento\Framework\Session\SidResolverInterface $sidResolver, \Magento\Framework\Session\Config\ConfigInterface $sessionConfig, \Magento\Framework\Session\SaveHandlerInterface $saveHandler, \Magento\Framework\Session\ValidatorInterface $validator, \Magento\Framework\Session\StorageInterface $storage, CookieManagerInterface $cookieManager, CookieMetadataFactory $cookieMetadataFactory, \Magento\Framework\App\State $appState, \Magento\Framework\Acl\Builder $aclBuilder, \Magento\Backend\Model\UrlInterface $backendUrl, \Magento\Backend\App\ConfigInterface $config)
 
 refreshAcl ($user=null)
 
 isAllowed ($resource, $privilege=null)
 
 isLoggedIn ()
 
 prolong ()
 
 isFirstPageAfterLogin ()
 
 setIsFirstPageAfterLogin ($value)
 
 processLogin ()
 
 processLogout ()
 
 isValidForPath ($path)
 
- Public Member Functions inherited from SessionManager
 __construct (\Magento\Framework\App\Request\Http $request, SidResolverInterface $sidResolver, ConfigInterface $sessionConfig, SaveHandlerInterface $saveHandler, ValidatorInterface $validator, StorageInterface $storage, \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory, \Magento\Framework\App\State $appState)
 
 writeClose ()
 
 __call ($method, $args)
 
 start ()
 
 isSessionExists ()
 
 getData ($key='', $clear=false)
 
 getSessionId ()
 
 getName ()
 
 setName ($name)
 
 destroy (array $options=null)
 
 clearStorage ()
 
 getCookieDomain ()
 
 getCookiePath ()
 
 getCookieLifetime ()
 
 setSessionId ($sessionId)
 
 getSessionIdForHost ($urlHost)
 
 isValidForHost ($host)
 
 isValidForPath ($path)
 
 regenerateId ()
 
 expireSessionCookie ()
 

Data Fields

const XML_PATH_SESSION_LIFETIME = 'admin/security/session_lifetime'
 
- Data Fields inherited from SessionManagerInterface
const HOST_KEY = '_session_hosts'
 

Protected Attributes

 $_isFirstAfterLogin
 
 $_aclBuilder
 
 $_backendUrl
 
 $_config
 
- Protected Attributes inherited from SessionManager
 $defaultDestroyOptions = ['send_expire_cookie' => true, 'clear_storage' => true]
 
 $validator
 
 $request
 
 $sidResolver
 
 $sessionConfig
 
 $saveHandler
 
 $storage
 
 $cookieManager
 
 $cookieMetadataFactory
 

Additional Inherited Members

- Protected Member Functions inherited from SessionManager
 registerSaveHandler ()
 
 _addHost ()
 
 _getHosts ()
 
 _cleanHosts ()
 
 clearSubDomainSessionCookie ()
 
- Static Protected Attributes inherited from SessionManager
static $urlHostCache = []
 

Detailed Description

Backend Auth session model

@api @method \Magento\User\Model\User|null getUser() @method \Magento\Backend\Model\Auth\Session setUser(\Magento\User\Model\User $value) @method \Magento\Framework\Acl|null getAcl() @method \Magento\Backend\Model\Auth\Session setAcl(\Magento\Framework\Acl $value) @method int getUpdatedAt() @method \Magento\Backend\Model\Auth\Session setUpdatedAt(int $value)

@SuppressWarnings(PHPMD.CouplingBetweenObjects)

Todo:
implement solution that keeps is_first_visit flag in session during redirects @api
Since
100.0.2

Definition at line 27 of file Session.php.

Constructor & Destructor Documentation

◆ __construct()

__construct ( \Magento\Framework\App\Request\Http  $request,
\Magento\Framework\Session\SidResolverInterface  $sidResolver,
\Magento\Framework\Session\Config\ConfigInterface  $sessionConfig,
\Magento\Framework\Session\SaveHandlerInterface  $saveHandler,
\Magento\Framework\Session\ValidatorInterface  $validator,
\Magento\Framework\Session\StorageInterface  $storage,
CookieManagerInterface  $cookieManager,
CookieMetadataFactory  $cookieMetadataFactory,
\Magento\Framework\App\State  $appState,
\Magento\Framework\Acl\Builder  $aclBuilder,
\Magento\Backend\Model\UrlInterface  $backendUrl,
\Magento\Backend\App\ConfigInterface  $config 
)
Parameters
\Magento\Framework\App\Request\Http$request
\Magento\Framework\Session\SidResolverInterface$sidResolver
\Magento\Framework\Session\Config\ConfigInterface$sessionConfig
\Magento\Framework\Session\SaveHandlerInterface$saveHandler
\Magento\Framework\Session\ValidatorInterface$validator
\Magento\Framework\Session\StorageInterface$storage
CookieManagerInterface$cookieManager
CookieMetadataFactory$cookieMetadataFactory
\Magento\Framework\App\State$appState
\Magento\Framework\Acl\Builder$aclBuilder
\Magento\Backend\Model\UrlInterface$backendUrl
\Magento\Backend\App\ConfigInterface$config
Exceptions

Definition at line 74 of file Session.php.

87  {
88  $this->_config = $config;
89  $this->_aclBuilder = $aclBuilder;
90  $this->_backendUrl = $backendUrl;
91  parent::__construct(
92  $request,
93  $sidResolver,
94  $sessionConfig,
95  $saveHandler,
96  $validator,
97  $storage,
98  $cookieManager,
99  $cookieMetadataFactory,
100  $appState
101  );
102  }
$config
$config
Definition: fraud_order.php:17

Member Function Documentation

◆ isAllowed()

isAllowed (   $resource,
  $privilege = null 
)

Check current user permission on resource and privilege

Parameters
string$resource
string$privilege
Returns
boolean

Definition at line 135 of file Session.php.

136  {
137  $user = $this->getUser();
138  $acl = $this->getAcl();
139 
140  if ($user && $acl) {
141  try {
142  return $acl->isAllowed($user->getAclRole(), $resource, $privilege);
143  } catch (\Exception $e) {
144  try {
145  if (!$acl->has($resource)) {
146  return $acl->isAllowed($user->getAclRole(), null, $privilege);
147  }
148  } catch (\Exception $e) {
149  }
150  }
151  }
152  return false;
153  }
$resource
$resource
Definition: bulk.php:12
$user
$user
Definition: dummy_user.php:13

◆ isFirstPageAfterLogin()

isFirstPageAfterLogin ( )

Check if it is the first page after successful login

Returns
bool

Definition at line 192 of file Session.php.

193  {
194  if ($this->_isFirstAfterLogin === null) {
195  $this->_isFirstAfterLogin = $this->getData('is_first_visit', true);
196  }
197  return $this->_isFirstAfterLogin;
198  }

◆ isLoggedIn()

isLoggedIn ( )

Check if user is logged in

Returns
boolean

Implements StorageInterface.

Definition at line 160 of file Session.php.

161  {
162  return $this->getUser() && $this->getUser()->getId();
163  }

◆ isValidForPath()

isValidForPath (   $path)

Skip path validation in backend area

Parameters
string$path
Returns
bool @SuppressWarnings(PHPMD.UnusedFormalParameter) @codeCoverageIgnore

Implements SessionManagerInterface.

Definition at line 252 of file Session.php.

253  {
254  return true;
255  }

◆ processLogin()

processLogin ( )

Process of configuring of current auth storage when login was performed

Returns
\Magento\Backend\Model\Auth\Session

Implements StorageInterface.

Definition at line 217 of file Session.php.

218  {
219  if ($this->getUser()) {
220  $this->regenerateId();
221 
222  if ($this->_backendUrl->useSecretKey()) {
223  $this->_backendUrl->renewSecretUrls();
224  }
225 
226  $this->setIsFirstPageAfterLogin(true);
227  $this->setAcl($this->_aclBuilder->getAcl());
228  $this->setUpdatedAt(time());
229  }
230  return $this;
231  }

◆ processLogout()

processLogout ( )

Process of configuring of current auth storage when logout was performed

Returns
\Magento\Backend\Model\Auth\Session

Implements StorageInterface.

Definition at line 238 of file Session.php.

239  {
240  $this->destroy();
241  return $this;
242  }

◆ prolong()

prolong ( )

Set session UpdatedAt to current time

Returns
void

Implements StorageInterface.

Definition at line 170 of file Session.php.

171  {
172  $lifetime = $this->_config->getValue(self::XML_PATH_SESSION_LIFETIME);
173  $cookieValue = $this->cookieManager->getCookie($this->getName());
174 
175  if ($cookieValue) {
176  $this->setUpdatedAt(time());
177  $cookieMetadata = $this->cookieMetadataFactory->createPublicCookieMetadata()
178  ->setDuration($lifetime)
179  ->setPath($this->sessionConfig->getCookiePath())
180  ->setDomain($this->sessionConfig->getCookieDomain())
181  ->setSecure($this->sessionConfig->getCookieSecure())
182  ->setHttpOnly($this->sessionConfig->getCookieHttpOnly());
183  $this->cookieManager->setPublicCookie($this->getName(), $cookieValue, $cookieMetadata);
184  }
185  }

◆ refreshAcl()

refreshAcl (   $user = null)

Refresh ACL resources stored in session

Parameters
\Magento\User\Model\User$user
Returns
\Magento\Backend\Model\Auth\Session

Definition at line 110 of file Session.php.

111  {
112  if ($user === null) {
113  $user = $this->getUser();
114  }
115  if (!$user) {
116  return $this;
117  }
118  if (!$this->getAcl() || $user->getReloadAclFlag()) {
119  $this->setAcl($this->_aclBuilder->getAcl());
120  }
121  if ($user->getReloadAclFlag()) {
122  $user->unsetData('password');
123  $user->setReloadAclFlag('0')->save();
124  }
125  return $this;
126  }
$user
$user
Definition: dummy_user.php:13

◆ setIsFirstPageAfterLogin()

setIsFirstPageAfterLogin (   $value)

Setter whether the current/next page should be treated as first page after login

Parameters
bool$value
Returns
\Magento\Backend\Model\Auth\Session

Definition at line 206 of file Session.php.

207  {
208  $this->_isFirstAfterLogin = (bool)$value;
209  return $this->setIsFirstVisit($this->_isFirstAfterLogin);
210  }
$value
$value
Definition: gender.phtml:16

Field Documentation

◆ $_aclBuilder

$_aclBuilder
protected

Definition at line 46 of file Session.php.

◆ $_backendUrl

$_backendUrl
protected

Definition at line 51 of file Session.php.

◆ $_config

$_config
protected

Definition at line 56 of file Session.php.

◆ $_isFirstAfterLogin

$_isFirstAfterLogin
protected

Definition at line 39 of file Session.php.

◆ XML_PATH_SESSION_LIFETIME

const XML_PATH_SESSION_LIFETIME = 'admin/security/session_lifetime'

Admin session lifetime config path

Definition at line 32 of file Session.php.

The documentation for this class was generated from the following file: