X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FSessionManager.php;h=7bfd22205d3038604e406d9cf6d2aae89aff1041;hb=49f183231662c642ca9df6ceabf43fe128a5ffc1;hp=71f0b38dc227e38e2a9022a5c6c7a417060db935;hpb=286757ab29660916f6b66d1fc0ad3b53aef337c8;p=github%2Fshaarli%2FShaarli.git diff --git a/application/SessionManager.php b/application/SessionManager.php index 71f0b38d..7bfd2220 100644 --- a/application/SessionManager.php +++ b/application/SessionManager.php @@ -6,8 +6,18 @@ namespace Shaarli; */ class SessionManager { + /** Session expiration timeout, in seconds */ + public static $INACTIVITY_TIMEOUT = 3600; + + /** Name of the cookie set after logging in **/ + public static $LOGGED_IN_COOKIE = 'shaarli_staySignedIn'; + + /** Local reference to the global $_SESSION array */ protected $session = []; + /** ConfigManager instance **/ + protected $conf = null; + /** * Constructor * @@ -80,4 +90,38 @@ class SessionManager return true; } + + /** + * Store user login information after a successful login + * + * @param array $server The global $_SERVER array + */ + public function storeLoginInfo($server) + { + // Generate unique random number (different than phpsessionid) + $this->session['uid'] = sha1(uniqid('', true) . '_' . mt_rand()); + $this->session['ip'] = client_ip_id($server); + $this->session['username'] = $this->conf->get('credentials.login'); + $this->session['expires_on'] = time() + self::$INACTIVITY_TIMEOUT; + } + + /** + * Logout a user by unsetting all login information + * + * See: + * - https://secure.php.net/manual/en/function.setcookie.php + * + * @param string $webPath path on the server in which the cookie will be available on + */ + public function logout($webPath) + { + if (isset($this->session)) { + unset($this->session['uid']); + unset($this->session['ip']); + unset($this->session['username']); + unset($this->session['visibility']); + unset($this->session['untaggedonly']); + } + setcookie(self::$LOGGED_IN_COOKIE, 'false', 0, $webPath); + } }