ILIAS  release_8 Revision v8.24
class.ilAuthSession.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
24class ilAuthSession
25{
26 private const SESSION_AUTH_AUTHENTICATED = '_authsession_authenticated';
27 private const SESSION_AUTH_USER_ID = '_authsession_user_id';
28 private const SESSION_AUTH_EXPIRED = '_authsession_expired';
29
30 private static ?ilAuthSession $instance = null;
31
32 private ilLogger $logger;
33
34 private string $id = '';
35 private int $user_id = 0;
36 private bool $expired = false;
37 private bool $authenticated = false;
38
39 private function __construct(\ilLogger $logger)
40 {
41 $this->logger = $logger;
42 }
43
49 public static function getInstance(\ilLogger $logger): ilAuthSession
50 {
51 if (self::$instance) {
52 return self::$instance;
53 }
54 return self::$instance = new self($logger);
55 }
56
60 protected function getLogger(): ilLogger
61 {
62 return $this->logger;
63 }
64
68 public function init(): bool
69 {
70 session_start();
71
72 $this->setId(session_id());
73
74 $user_id = (int) ilSession::get(self::SESSION_AUTH_USER_ID);
75
76 if ($user_id) {
77 $this->getLogger()->debug('Resuming old session for user: ' . $user_id);
78 $this->setUserId((int) ilSession::get(self::SESSION_AUTH_USER_ID));
79 $this->expired = (bool) ilSession::get(self::SESSION_AUTH_EXPIRED);
80 $this->authenticated = (bool) ilSession::get(self::SESSION_AUTH_AUTHENTICATED);
81
82 $this->validateExpiration();
83 } else {
84 $this->getLogger()->debug('Started new session.');
85 $this->setUserId(ANONYMOUS_USER_ID);
86 $this->expired = false;
87 $this->authenticated = false;
88 }
89 return true;
90 }
91
95 public function isValid(): bool
96 {
97 return !$this->isExpired() && $this->isAuthenticated();
98 }
99
103 public function regenerateId(): void
104 {
105 $old_session_id = session_id();
106 session_regenerate_id(true);
107 $this->setId(session_id());
108 $this->getLogger()->info('Session regenerate id: [' . substr($old_session_id, 0, 5) . '] -> [' . substr($this->getId(), 0, 5) . ']');
109 }
110
114 public function logout(): void
115 {
116 $this->getLogger()->debug('Logout called for: ' . $this->getUserId());
117 session_regenerate_id(true);
118 session_destroy();
119
120 $this->init();
121 $this->setAuthenticated(true, ANONYMOUS_USER_ID);
122 }
123
127 public function isAuthenticated(): bool
128 {
129 return $this->authenticated;
130 }
131
135 public function setAuthenticated(bool $a_status, int $a_user_id): void
136 {
137 $this->authenticated = $a_status;
138 $this->user_id = $a_user_id;
139 ilSession::set(self::SESSION_AUTH_AUTHENTICATED, $a_status);
140 ilSession::set(self::SESSION_AUTH_USER_ID, $a_user_id);
141 $this->setExpired(false);
142 if ($a_status) {
143 $this->regenerateId();
144 }
145 }
146
150 public function isExpired(): bool
151 {
152 return $this->expired;
153 }
154
158 public function setExpired(bool $a_status): void
159 {
160 $this->expired = $a_status;
161 ilSession::set(self::SESSION_AUTH_EXPIRED, (int) $a_status);
162 }
163
167 public function setUserId(int $a_id): void
168 {
169 $this->user_id = $a_id;
170 }
171
175 public function getUserId(): int
176 {
177 return $this->user_id;
178 }
179
183 protected function validateExpiration(): bool
184 {
185 if ($this->isExpired()) {
186 // keep status
187 return false;
188 }
189
190 if (time() > ilSession::lookupExpireTime($this->getId())) {
191 $this->setExpired(true);
192 return false;
193 }
194 return true;
195 }
196
200 protected function setId(string $a_id): void
201 {
202 $this->id = $a_id;
203 }
204
208 public function getId(): string
209 {
210 return $this->id;
211 }
212}
ilAuthSession\SESSION_AUTH_AUTHENTICATED
const SESSION_AUTH_AUTHENTICATED
Definition: class.ilAuthSession.php:26
ilAuthSession\init
init()
Start auth session.
Definition: class.ilAuthSession.php:68
ilAuthSession\regenerateId
regenerateId()
Regenerate id.
Definition: class.ilAuthSession.php:103
ilAuthSession\validateExpiration
validateExpiration()
Check expired value of session.
Definition: class.ilAuthSession.php:183
ilAuthSession\isValid
isValid()
Check if current session is valid (authenticated and not expired)
Definition: class.ilAuthSession.php:95
ilAuthSession\isExpired
isExpired()
Check if current is or was expired in last request.
Definition: class.ilAuthSession.php:150
ilAuthSession\getUserId
getUserId()
Get authenticated user id.
Definition: class.ilAuthSession.php:175
ilAuthSession\setUserId
setUserId(int $a_id)
Set authenticated user id.
Definition: class.ilAuthSession.php:167
ilAuthSession\__construct
__construct(\ilLogger $logger)
Definition: class.ilAuthSession.php:39
ilAuthSession\setId
setId(string $a_id)
Set id.
Definition: class.ilAuthSession.php:200
ilAuthSession\setExpired
setExpired(bool $a_status)
Set session expired.
Definition: class.ilAuthSession.php:158
ilAuthSession\isAuthenticated
isAuthenticated()
Check if session is authenticated.
Definition: class.ilAuthSession.php:127
ilAuthSession\getInstance
static getInstance(\ilLogger $logger)
Get instance.
Definition: class.ilAuthSession.php:49
ilAuthSession\getId
getId()
get session id
Definition: class.ilAuthSession.php:208
ilAuthSession\logout
logout()
Logout user => stop session.
Definition: class.ilAuthSession.php:114
ilAuthSession\$instance
static ilAuthSession $instance
Definition: class.ilAuthSession.php:30
ilAuthSession\setAuthenticated
setAuthenticated(bool $a_status, int $a_user_id)
Set authenticated.
Definition: class.ilAuthSession.php:135
ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:17
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:459
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:451
ilSession\lookupExpireTime
static lookupExpireTime(string $a_session_id)
Lookup expire time for a specific session.
Definition: class.ilSession.php:103
ANONYMOUS_USER_ID
const ANONYMOUS_USER_ID
Definition: constants.php:27