/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php

https://gitlab.com/kimting254/wbms · PHP · 248 lines · 110 code · 35 blank · 103 comment · 12 complexity · e3445af76f484036e8d22ac7d04873fb MD5 · raw file 

    

  1. <?php namespace Illuminate\Session\Middleware;
    2. 

  2. 

  3. use Closure;
    4. 

  4. use Carbon\Carbon;
    5. 

  5. use Illuminate\Http\Request;
    6. 

  6. use Illuminate\Session\SessionManager;
    7. 

  7. use Illuminate\Session\SessionInterface;
    8. 

  8. use Symfony\Component\HttpFoundation\Cookie;
    9. 

  9. use Illuminate\Session\CookieSessionHandler;
    10. 

  10. use Symfony\Component\HttpFoundation\Response;
    11. 

  11. use Illuminate\Contracts\Routing\TerminableMiddleware;
    12. 

  12. 

  13. class StartSession implements TerminableMiddleware {
    14. 

  14. 

  15. 	/**
    16. 

  16. 	 * The session manager.
    17. 

  17. 	 *
    18. 

  18. 	 * @var \Illuminate\Session\SessionManager
    19. 

  19. 	 */
    20. 

  20. 	protected $manager;
    21. 

  21. 

  22. 	/**
    23. 

  23. 	 * Indicates if the session was handled for the current request.
    24. 

  24. 	 *
    25. 

  25. 	 * @var bool
    26. 

  26. 	 */
    27. 

  27. 	protected $sessionHandled = false;
    28. 

  28. 

  29. 	/**
    30. 

  30. 	 * Create a new session middleware.
    31. 

  31. 	 *
    32. 

  32. 	 * @param  \Illuminate\Session\SessionManager  $manager
    33. 

  33. 	 * @return void
    34. 

  34. 	 */
    35. 

  35. 	public function __construct(SessionManager $manager)
    36. 

  36. 	{
    37. 

  37. 		$this->manager = $manager;
    38. 

  38. 	}
    39. 

  39. 

  40. 	/**
    41. 

  41. 	 * Handle an incoming request.
    42. 

  42. 	 *
    43. 

  43. 	 * @param  \Illuminate\Http\Request  $request
    44. 

  44. 	 * @param  \Closure  $next
    45. 

  45. 	 * @return mixed
    46. 

  46. 	 */
    47. 

  47. 	public function handle($request, Closure $next)
    48. 

  48. 	{
    49. 

  49. 		$this->sessionHandled = true;
    50. 

  50. 

  51. 		// If a session driver has been configured, we will need to start the session here
    52. 

  52. 		// so that the data is ready for an application. Note that the Laravel sessions
    53. 

  53. 		// do not make use of PHP "native" sessions in any way since they are crappy.
    54. 

  54. 		if ($this->sessionConfigured())
    55. 

  55. 		{
    56. 

  56. 			$session = $this->startSession($request);
    57. 

  57. 

  58. 			$request->setSession($session);
    59. 

  59. 		}
    60. 

  60. 

  61. 		$response = $next($request);
    62. 

  62. 

  63. 		// Again, if the session has been configured we will need to close out the session
    64. 

  64. 		// so that the attributes may be persisted to some storage medium. We will also
    65. 

  65. 		// add the session identifier cookie to the application response headers now.
    66. 

  66. 		if ($this->sessionConfigured())
    67. 

  67. 		{
    68. 

  68. 			$this->storeCurrentUrl($request, $session);
    69. 

  69. 

  70. 			$this->collectGarbage($session);
    71. 

  71. 

  72. 			$this->addCookieToResponse($response, $session);
    73. 

  73. 		}
    74. 

  74. 

  75. 		return $response;
    76. 

  76. 	}
    77. 

  77. 

  78. 	/**
    79. 

  79. 	 * Perform any final actions for the request lifecycle.
    80. 

  80. 	 *
    81. 

  81. 	 * @param  \Illuminate\Http\Request  $request
    82. 

  82. 	 * @param  \Symfony\Component\HttpFoundation\Response  $response
    83. 

  83. 	 * @return void
    84. 

  84. 	 */
    85. 

  85. 	public function terminate($request, $response)
    86. 

  86. 	{
    87. 

  87. 		if ($this->sessionHandled && $this->sessionConfigured() && ! $this->usingCookieSessions())
    88. 

  88. 		{
    89. 

  89. 			$this->manager->driver()->save();
    90. 

  90. 		}
    91. 

  91. 	}
    92. 

  92. 

  93. 	/**
    94. 

  94. 	 * Start the session for the given request.
    95. 

  95. 	 *
    96. 

  96. 	 * @param  \Illuminate\Http\Request  $request
    97. 

  97. 	 * @return \Illuminate\Session\SessionInterface
    98. 

  98. 	 */
    99. 

  99. 	protected function startSession(Request $request)
    100. 

  100. 	{
    101. 

  101. 		with($session = $this->getSession($request))->setRequestOnHandler($request);
    102. 

  102. 

  103. 		$session->start();
    104. 

  104. 

  105. 		return $session;
    106. 

  106. 	}
    107. 

  107. 

  108. 	/**
    109. 

  109. 	 * Get the session implementation from the manager.
    110. 

  110. 	 *
    111. 

  111. 	 * @param  \Illuminate\Http\Request  $request
    112. 

  112. 	 * @return \Illuminate\Session\SessionInterface
    113. 

  113. 	 */
    114. 

  114. 	public function getSession(Request $request)
    115. 

  115. 	{
    116. 

  116. 		$session = $this->manager->driver();
    117. 

  117. 

  118. 		$session->setId($request->cookies->get($session->getName()));
    119. 

  119. 

  120. 		return $session;
    121. 

  121. 	}
    122. 

  122. 

  123. 	/**
    124. 

  124. 	 * Store the current URL for the request if necessary.
    125. 

  125. 	 *
    126. 

  126. 	 * @param  \Illuminate\Http\Request  $request
    127. 

  127. 	 * @param  \Illuminate\Session\SessionInterface  $session
    128. 

  128. 	 * @return void
    129. 

  129. 	 */
    130. 

  130. 	protected function storeCurrentUrl(Request $request, $session)
    131. 

  131. 	{
    132. 

  132. 		if ($request->method() === 'GET' && $request->route() && ! $request->ajax())
    133. 

  133. 		{
    134. 

  134. 			$session->setPreviousUrl($request->fullUrl());
    135. 

  135. 		}
    136. 

  136. 	}
    137. 

  137. 

  138. 	/**
    139. 

  139. 	 * Remove the garbage from the session if necessary.
    140. 

  140. 	 *
    141. 

  141. 	 * @param  \Illuminate\Session\SessionInterface  $session
    142. 

  142. 	 * @return void
    143. 

  143. 	 */
    144. 

  144. 	protected function collectGarbage(SessionInterface $session)
    145. 

  145. 	{
    146. 

  146. 		$config = $this->manager->getSessionConfig();
    147. 

  147. 

  148. 		// Here we will see if this request hits the garbage collection lottery by hitting
    149. 

  149. 		// the odds needed to perform garbage collection on any given request. If we do
    150. 

  150. 		// hit it, we'll call this handler to let it delete all the expired sessions.
    151. 

  151. 		if ($this->configHitsLottery($config))
    152. 

  152. 		{
    153. 

  153. 			$session->getHandler()->gc($this->getSessionLifetimeInSeconds());
    154. 

  154. 		}
    155. 

  155. 	}
    156. 

  156. 

  157. 	/**
    158. 

  158. 	 * Determine if the configuration odds hit the lottery.
    159. 

  159. 	 *
    160. 

  160. 	 * @param  array  $config
    161. 

  161. 	 * @return bool
    162. 

  162. 	 */
    163. 

  163. 	protected function configHitsLottery(array $config)
    164. 

  164. 	{
    165. 

  165. 		return mt_rand(1, $config['lottery'][1]) <= $config['lottery'][0];
    166. 

  166. 	}
    167. 

  167. 

  168. 	/**
    169. 

  169. 	 * Add the session cookie to the application response.
    170. 

  170. 	 *
    171. 

  171. 	 * @param  \Symfony\Component\HttpFoundation\Response  $response
    172. 

  172. 	 * @param  \Illuminate\Session\SessionInterface  $session
    173. 

  173. 	 * @return void
    174. 

  174. 	 */
    175. 

  175. 	protected function addCookieToResponse(Response $response, SessionInterface $session)
    176. 

  176. 	{
    177. 

  177. 		if ($this->usingCookieSessions())
    178. 

  178. 		{
    179. 

  179. 			$this->manager->driver()->save();
    180. 

  180. 		}
    181. 

  181. 

  182. 		if ($this->sessionIsPersistent($config = $this->manager->getSessionConfig()))
    183. 

  183. 		{
    184. 

  184. 			$response->headers->setCookie(new Cookie(
    185. 

  185. 				$session->getName(), $session->getId(), $this->getCookieExpirationDate(),
    186. 

  186. 				$config['path'], $config['domain'], array_get($config, 'secure', false)
    187. 

  187. 			));
    188. 

  188. 		}
    189. 

  189. 	}
    190. 

  190. 

  191. 	/**
    192. 

  192. 	 * Get the session lifetime in seconds.
    193. 

  193. 	 *
    194. 

  194. 	 * @return int
    195. 

  195. 	 */
    196. 

  196. 	protected function getSessionLifetimeInSeconds()
    197. 

  197. 	{
    198. 

  198. 		return array_get($this->manager->getSessionConfig(), 'lifetime') * 60;
    199. 

  199. 	}
    200. 

  200. 

  201. 	/**
    202. 

  202. 	 * Get the cookie lifetime in seconds.
    203. 

  203. 	 *
    204. 

  204. 	 * @return int
    205. 

  205. 	 */
    206. 

  206. 	protected function getCookieExpirationDate()
    207. 

  207. 	{
    208. 

  208. 		$config = $this->manager->getSessionConfig();
    209. 

  209. 

  210. 		return $config['expire_on_close'] ? 0 : Carbon::now()->addMinutes($config['lifetime']);
    211. 

  211. 	}
    212. 

  212. 

  213. 	/**
    214. 

  214. 	 * Determine if a session driver has been configured.
    215. 

  215. 	 *
    216. 

  216. 	 * @return bool
    217. 

  217. 	 */
    218. 

  218. 	protected function sessionConfigured()
    219. 

  219. 	{
    220. 

  220. 		return ! is_null(array_get($this->manager->getSessionConfig(), 'driver'));
    221. 

  221. 	}
    222. 

  222. 

  223. 	/**
    224. 

  224. 	 * Determine if the configured session driver is persistent.
    225. 

  225. 	 *
    226. 

  226. 	 * @param  array|null  $config
    227. 

  227. 	 * @return bool
    228. 

  228. 	 */
    229. 

  229. 	protected function sessionIsPersistent(array $config = null)
    230. 

  230. 	{
    231. 

  231. 		$config = $config ?: $this->manager->getSessionConfig();
    232. 

  232. 

  233. 		return ! in_array($config['driver'], array(null, 'array'));
    234. 

  234. 	}
    235. 

  235. 

  236. 	/**
    237. 

  237. 	 * Determine if the session is using cookie sessions.
    238. 

  238. 	 *
    239. 

  239. 	 * @return bool
    240. 

  240. 	 */
    241. 

  241. 	protected function usingCookieSessions()
    242. 

  242. 	{
    243. 

  243. 		if ( ! $this->sessionConfigured()) return false;
    244. 

  244. 

  245. 		return $this->manager->driver()->getHandler() instanceof CookieSessionHandler;
    246. 

  246. 	}
    247. 

  247. 

  248. }
    249.