From 3612ca7aca90b5d45310da1602256e247451cec3 Mon Sep 17 00:00:00 2001
From: Toby Zerner <toby.zerner@gmail.com>
Date: Mon, 28 Nov 2016 11:45:17 +1030
Subject: [PATCH] Allow accessing the session via the actor

This is a bit sloppy (might come up with a better solution yet), but since most events provide access to the actor but not the request, this was the easiest/quickest way to allow extensions to access the session.
---
 src/Core/User.php                             | 22 +++++++++++++++++++
 .../Middleware/AuthenticateWithSession.php    |  2 ++
 2 files changed, 24 insertions(+)

diff --git a/src/Core/User.php b/src/Core/User.php
index dfc345568..c167d0c32 100755
--- a/src/Core/User.php
+++ b/src/Core/User.php
@@ -30,6 +30,7 @@ use Flarum\Event\UserWasRegistered;
 use Flarum\Event\UserWasRenamed;
 use Flarum\Foundation\Application;
 use Illuminate\Contracts\Hashing\Hasher;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
 /**
  * @property int $id
@@ -76,6 +77,11 @@ class User extends AbstractModel
      */
     protected $permissions = null;
 
+    /**
+     * @var SessionInterface
+     */
+    protected $session;
+
     /**
      * An array of registered user preferences. Each preference is defined with
      * a key, and its value is an array containing the following keys:.
@@ -689,6 +695,22 @@ class User extends AbstractModel
         return ! $this->can($ability, $arguments);
     }
 
+    /**
+     * @return SessionInterface
+     */
+    public function getSession()
+    {
+        return $this->session;
+    }
+
+    /**
+     * @param SessionInterface $session
+     */
+    public function setSession(SessionInterface $session)
+    {
+        $this->session = $session;
+    }
+
     /**
      * Set the hasher with which to hash passwords.
      *
diff --git a/src/Http/Middleware/AuthenticateWithSession.php b/src/Http/Middleware/AuthenticateWithSession.php
index 093dec623..607d62be6 100644
--- a/src/Http/Middleware/AuthenticateWithSession.php
+++ b/src/Http/Middleware/AuthenticateWithSession.php
@@ -28,6 +28,8 @@ class AuthenticateWithSession implements MiddlewareInterface
 
         $actor = $this->getActor($session);
 
+        $actor->setSession($session);
+
         $request = $request->withAttribute('actor', $actor);
 
         return $out ? $out($request, $response) : $response;