d8/d41/class_8ilAuthSession_8php_source.html

<?php


declare(strict_types=1);


class ilAuthSession

{

    private const string SESSION_AUTH_AUTHENTICATED = '_authsession_authenticated';

    private const string SESSION_AUTH_USER_ID = '_authsession_user_id';

    private const string SESSION_AUTH_EXPIRED = '_authsession_expired';


    private static ?ilAuthSession $instance = null;


    private ilLogger $logger;


    private string $id = '';

    private int $user_id = 0;

    private bool $expired = false;

    private bool $authenticated = false;


    private function __construct(ilLogger $logger)

    {

        $this->logger = $logger;

    }


    public static function getInstance(ilLogger $logger): ilAuthSession

    {

        if (self::$instance) {

            return self::$instance;

        }

        return self::$instance = new self($logger);

    }


    protected function getLogger(): ilLogger

    {

        return $this->logger;

    }


    public function init(): bool

    {

        if (session_status() === PHP_SESSION_ACTIVE) {

            $this->getLogger()->error(__METHOD__ . ' called with active session.');

            $this->getLogger()->logStack(ilLogLevel::ERROR);

            return false;

        }


        session_start();


        $this->setId(session_id());


        $user_id = (int) (ilSession::get(self::SESSION_AUTH_USER_ID) ?? ANONYMOUS_USER_ID);


        if ($user_id) {

            $this->getLogger()->debug('Resuming old session for user: ' . $user_id);

            $this->setUserId($user_id);

            $this->expired = (bool) ilSession::get(self::SESSION_AUTH_EXPIRED);

            $this->authenticated = (bool) ilSession::get(self::SESSION_AUTH_AUTHENTICATED);


            $this->validateExpiration();

        } else {

            $this->getLogger()->debug('Started new session.');

            $this->setUserId(ANONYMOUS_USER_ID);

            $this->expired = false;

            $this->authenticated = false;

        }

        return true;

    }


    public function isValid(): bool

    {

        return !$this->isExpired() && $this->isAuthenticated();

    }


    public function regenerateId(): void

    {

        $old_session_id = session_id();

        session_regenerate_id(true);

        $this->setId(session_id());

        $this->getLogger()->info('Session regenerate id: [' . substr($old_session_id, 0, 5) . '] -> [' . substr($this->getId(), 0, 5) . ']');

    }


    public function logout(): void

    {

        $this->getLogger()->debug('Logout called for: ' . $this->getUserId());

        session_regenerate_id(true);

        session_destroy();


        $this->init();

        $this->setAuthenticated(true, ANONYMOUS_USER_ID);

    }


    public function isAuthenticated(): bool

    {

        return $this->authenticated || $this->user_id === ANONYMOUS_USER_ID;

    }


    public function setAuthenticated(bool $a_status, int $a_user_id): void

    {

        $this->authenticated = $a_status;

        $this->user_id = $a_user_id;

        ilSession::set(self::SESSION_AUTH_AUTHENTICATED, $a_status);

        ilSession::set(self::SESSION_AUTH_USER_ID, $a_user_id);

        $this->setExpired(false);

        if ($a_status) {

            $this->regenerateId();

        }

    }


    public function isExpired(): bool

    {

        return $this->expired && $this->user_id !== ANONYMOUS_USER_ID;

    }


    public function setExpired(bool $a_status): void

    {

        $this->expired = $a_status;

        ilSession::set(self::SESSION_AUTH_EXPIRED, (int) $a_status);

    }


    public function setUserId(int $a_id): void

    {

        $this->user_id = $a_id;

    }


    public function getUserId(): int

    {

        return $this->user_id;

    }


    protected function validateExpiration(): bool

    {

        if ($this->isExpired()) {

            // keep status

            return false;

        }


        if (time() > ilSession::lookupExpireTime($this->getId())) {

            $this->setExpired(true);

            return false;

        }

        return true;

    }


    protected function setId(string $a_id): void

    {

        $this->id = $a_id;

    }


    public function getId(): string

    {

        return $this->id;

    }

}

ilAuthSession
Definition: class.ilAuthSession.php:22

ilAuthSession\getInstance
static getInstance(ilLogger $logger)
Definition: class.ilAuthSession.php:41

ilAuthSession\$user_id
int $user_id
Definition: class.ilAuthSession.php:32

ilAuthSession\init
init()
Start auth session.
Definition: class.ilAuthSession.php:57

ilAuthSession\regenerateId
regenerateId()
Regenerate id.
Definition: class.ilAuthSession.php:98

ilAuthSession\SESSION_AUTH_AUTHENTICATED
const string SESSION_AUTH_AUTHENTICATED
Definition: class.ilAuthSession.php:23

ilAuthSession\validateExpiration
validateExpiration()
Check expired value of session.
Definition: class.ilAuthSession.php:178

ilAuthSession\SESSION_AUTH_EXPIRED
const string SESSION_AUTH_EXPIRED
Definition: class.ilAuthSession.php:25

ilAuthSession\getLogger
getLogger()
Definition: class.ilAuthSession.php:49

ilAuthSession\$id
string $id
Definition: class.ilAuthSession.php:31

ilAuthSession\__construct
__construct(ilLogger $logger)
Definition: class.ilAuthSession.php:36

ilAuthSession\isValid
isValid()
Check if current session is valid (authenticated and not expired)
Definition: class.ilAuthSession.php:90

ilAuthSession\isExpired
isExpired()
Check if current is or was expired in last request.
Definition: class.ilAuthSession.php:145

ilAuthSession\getUserId
getUserId()
Get authenticated user id.
Definition: class.ilAuthSession.php:170

ilAuthSession\setUserId
setUserId(int $a_id)
Set authenticated user id.
Definition: class.ilAuthSession.php:162

ilAuthSession\setId
setId(string $a_id)
Set id.
Definition: class.ilAuthSession.php:195

ilAuthSession\setExpired
setExpired(bool $a_status)
Set session expired.
Definition: class.ilAuthSession.php:153

ilAuthSession\SESSION_AUTH_USER_ID
const string SESSION_AUTH_USER_ID
Definition: class.ilAuthSession.php:24

ilAuthSession\$logger
ilLogger $logger
Definition: class.ilAuthSession.php:29

ilAuthSession\isAuthenticated
isAuthenticated()
Check if session is authenticated.
Definition: class.ilAuthSession.php:122

ilAuthSession\getId
getId()
get session id
Definition: class.ilAuthSession.php:203

ilAuthSession\logout
logout()
Logout user => stop session.
Definition: class.ilAuthSession.php:109

ilAuthSession\$instance
static ilAuthSession $instance
Definition: class.ilAuthSession.php:27

ilAuthSession\setAuthenticated
setAuthenticated(bool $a_status, int $a_user_id)
Set authenticated.
Definition: class.ilAuthSession.php:130

ilAuthSession\$expired
bool $expired
Definition: class.ilAuthSession.php:33

ilAuthSession\$authenticated
bool $authenticated
Definition: class.ilAuthSession.php:34

ilLogLevel\ERROR
const ERROR
Definition: class.ilLogLevel.php:36

ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:29

ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:388

ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:380

ilSession\lookupExpireTime
static lookupExpireTime(string $a_session_id)
Lookup expire time for a specific session.
Definition: class.ilSession.php:77

ANONYMOUS_USER_ID
const ANONYMOUS_USER_ID
Definition: constants.php:27

ILIAS\Repository\int
int(string $key)
Definition: trait.BaseGUIRequest.php:61

ILIAS\Repository\logger
logger()
Definition: trait.GlobalDICDomainServices.php:71