mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-13 07:54:25 +02:00
Code Issues Releases Wiki Activity
Files
57570d960e4407a1866081b48d06898ffe61c57e
php-flarum/src/Http/Middleware/StartSession.php
Daniël Klabbers 57570d960e Update StartSession.php 
Fixed CookieFactory typo in phpdoc.
2017-06-19 16:47:20 +02:00

86 lines
2.1 KiB
PHP
Raw Blame History

<?php
/*
* This file is part of Flarum.
*
* (c) Toby Zerner <toby.zerner@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Flarum\Http\Middleware;
use Dflydev\FigCookies\FigResponseCookies;
use Flarum\Http\CookieFactory;
use Illuminate\Support\Str;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Zend\Stratigility\MiddlewareInterface;
class StartSession implements MiddlewareInterface
{
/**
* @var CookieFactory
*/
protected $cookie;
/**
* Rememberer constructor.
* @param CookieFactory $cookie
*/
public function __construct(CookieFactory $cookie)
{
$this->cookie = $cookie;
}
/**
* {@inheritdoc}
*/
public function __invoke(Request $request, Response $response, callable $out = null)
{
$session = $this->startSession();
$request = $request->withAttribute('session', $session);
$response = $out ? $out($request, $response) : $response;
$response = $this->withCsrfTokenHeader($response, $session);
return $this->withSessionCookie($response, $session);
}
private function startSession()
{
$session = new Session;
$session->setName('flarum_session');
$session->start();
if (! $session->has('csrf_token')) {
$session->set('csrf_token', Str::random(40));
}
return $session;
}
private function withCsrfTokenHeader(Response $response, SessionInterface $session)
{
if ($session->has('csrf_token')) {
$response = $response->withHeader('X-CSRF-Token', $session->get('csrf_token'));
}
return $response;
}
private function withSessionCookie(Response $response, SessionInterface $session)
{
return FigResponseCookies::set(
$response,
$this->cookie->make($session->getName(), $session->getId())
);
}
}
Reference in New Issue View Git Blame Copy Permalink