UserStorage: implements Nette\Security\UserStorage
dg committed Jan 4, 2021
1 parent 7f07a26 commit 18352fb
Showing 2 changed files with 103 additions and 67 deletions.
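--- a/composer.json
+++ b/composer.json
@@ -21,12 +21,13 @@
 "require-dev": {
 "nette/di": "^3.0",
 "nette/tester": "^2.0",
-"nette/security": "^3.0",
+"nette/security": "^3.1",
 "tracy/tracy": "^2.4",
 "phpstan/phpstan": "^0.12"
 },
 "conflict": {
 "nette/di": "<3.0.3",
+"nette/security": "<3.1",
 "nette/schema": "<1.1"
 },
 "suggest": {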
167 changes: 101 additions & 66 deletions src/Http/UserStorage.php
Expand Up @@ -16,7 +16,7 @@
/**
* Session storage for user object.
*/
class UserStorage implements Nette\Security\IUserStorage
class UserStorage implements Nette\Security\UserStorage, Nette\Security\IUserStorage
{
use Nette\SmartObject;

Expand All @@ -36,58 +36,57 @@ public function __construct(Session $sessionHandler)
}


/**
* Sets the authenticated status of this user.
* @return static
*/
public function setAuthenticated(bool $state)
public function saveAuthentication(IIdentity $identity): void
{
$section = $this->getSessionSection(true);
$section->authenticated = $state;
$section->authenticated = true;
$section->reason = null;
$section->authTime = time(); // informative value
$section->identity = $identity;

// Session Fixation defence
$this->sessionHandler->regenerateId();
}

if ($state) {
$section->reason = null;
$section->authTime = time(); // informative value

} else {
$section->reason = self::MANUAL;
$section->authTime = null;
}
return $this;
public function clearAuthentication(bool $clearIdentity): void
{
$section = $this->getSessionSection(true);
$section->authenticated = false;
$section->reason = self::LOGOUT_MANUAL;
$section->authTime = null;

// Session Fixation defence
$this->sessionHandler->regenerateId();
}


/**
* Is this user authenticated?
*/
public function isAuthenticated(): bool
public function getState(): array
{
$session = $this->getSessionSection(false);
return $session && $session->authenticated;
return $session
? [(bool) $session->authenticated, $session->identity, $session->reason]
: [false, null, null];
}


/**
* Sets the user identity.
* @return static
* Enables log out after inactivity.
*/
public function setIdentity(?IIdentity $identity)
public function setExpiration(?string $time, /*bool*/ $clearIdentity = false): void
{
$this->getSessionSection(true)->identity = $identity;
return $this;
}
$section = $this->getSessionSection(true);
if ($time) {
$time = Nette\Utils\DateTime::from($time)->format('U');
$section->expireTime = $time;
$section->expireDelta = $time - time();

} else {
unset($section->expireTime, $section->expireDelta);
}

/**
* Returns current user identity, if any.
*/
public function getIdentity(): ?Nette\Security\IIdentity
{
$session = $this->getSessionSection(false);
return $session ? $session->identity : null;
$section->expireIdentity = (bool) $clearIdentity;
$section->setExpiration($time, 'foo'); // time check
}


Expand All @@ -114,38 +113,6 @@ public function getNamespace(): string
}


/**
* Enables log out after inactivity. Accepts flag IUserStorage::CLEAR_IDENTITY.
* @return static
*/
public function setExpiration(?string $time, int $flags = 0)
{
$section = $this->getSessionSection(true);
if ($time) {
$time = Nette\Utils\DateTime::from($time)->format('U');
$section->expireTime = $time;
$section->expireDelta = $time - time();

} else {
unset($section->expireTime, $section->expireDelta);
}

$section->expireIdentity = (bool) ($flags & self::CLEAR_IDENTITY);
$section->setExpiration($time, 'foo'); // time check
return $this;
}


/**
* Why was user logged out?
*/
public function getLogoutReason(): ?int
{
$session = $this->getSessionSection(false);
return $session ? $session->reason : null;
}


/**
* Returns and initializes $this->sessionSection.
*/
Expand All @@ -167,7 +134,7 @@ protected function getSessionSection(bool $need): ?SessionSection

if ($section->authenticated && $section->expireDelta > 0) { // check time expiration
if ($section->expireTime < time()) {
$section->reason = self::INACTIVITY;
$section->reason = self::LOGOUT_INACTIVITY;
$section->authenticated = false;
if ($section->expireIdentity) {
unset($section->identity);
Expand All @@ -182,4 +149,72 @@ protected function getSessionSection(bool $need): ?SessionSection

return $this->sessionSection;
}


/********************* legacy Nette\Security\IUserStorage ****************d*g**/


/**
* Sets the authenticated status of this user.
* @return static
*/
public function setAuthenticated(bool $state)
{
$section = $this->getSessionSection(true);
$section->authenticated = $state;

// Session Fixation defence
$this->sessionHandler->regenerateId();

if ($state) {
$section->reason = null;
$section->authTime = time(); // informative value

} else {
$section->reason = self::MANUAL;
$section->authTime = null;
}
return $this;
}


/**
* Is this user authenticated?
*/
public function isAuthenticated(): bool
{
$session = $this->getSessionSection(false);
return $session && $session->authenticated;
}


/**
* Sets the user identity.
* @return static
*/
public function setIdentity(?IIdentity $identity)
{
$this->getSessionSection(true)->identity = $identity;
return $this;
}


/**
* Returns current user identity, if any.
*/
public function getIdentity(): ?Nette\Security\IIdentity
{
$session = $this->getSessionSection(false);
return $session ? $session->identity : null;
}


/**
* Why was user logged out?
*/
public function getLogoutReason(): ?int
{
$session = $this->getSessionSection(false);
return $session ? $session->reason : null;
}
}
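Review bot: `clearAuthentication(bool $clearIdentity)` in the `@@ -36,58 +36,57 @@` hunk never reads `$clearIdentity`, so as far as this section shows the identity object stays in the session section even when the caller asked for it to be dropped at logout. The new `getState()` returns `$session->identity` regardless of the `authenticated` flag, so that stale identity would be handed back to the caller on later requests. I would add `if ($clearIdentity) { unset($section->identity); }` before the `regenerateId()` call, matching the `unset($section->identity);` that `getSessionSection()` already performs on inactivity expiry. The contract of `Nette\Security\UserStorage` is not visible on this page, so confirm there that clearing is the storage's job rather than the caller's.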
