Delegate session operations to SessionManager

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
author: VirtualTam <virtualtam@flibidi.net> 2018-04-04 00:54:59 +0200
committer: VirtualTam <virtualtam@flibidi.net> 2018-06-02 16:45:54 +0200
commit: c7721487b2459e6760cae9d6292b7d39c306d3d6 (patch)
tree: 61ff94a51d8288e783fe2161fc2d6493b9bcf95f /application/LoginManager.php
parent: 1b28c66cc77b59f716aa47e6207142a7f86c2c2d (diff)
download: Shaarli-c7721487b2459e6760cae9d6292b7d39c306d3d6.tar.gz
Shaarli-c7721487b2459e6760cae9d6292b7d39c306d3d6.tar.zst
Shaarli-c7721487b2459e6760cae9d6292b7d39c306d3d6.zip
1 files changed, 10 insertions, 17 deletions
diff --git a/application/LoginManager.php b/application/LoginManager.php
index d81c6c05..347fb3b9 100644
--- a/application/LoginManager.php
+++ b/application/LoginManager.php
@@ -1,6 +1,8 @@
 <?php
 namespace Shaarli;
+use Shaarli\Config\ConfigManager;
 /**
 * User login management
 */
@@ -62,34 +64,24 @@ class LoginManager
            return;
        }
+        $clientIpId = client_ip_id($server);
        if (isset($cookie[SessionManager::$LOGGED_IN_COOKIE])
            && $cookie[SessionManager::$LOGGED_IN_COOKIE] === $token
        ) {
-            $this->sessionManager->storeLoginInfo($server);
+            $this->sessionManager->storeLoginInfo($clientIpId);
            $this->isLoggedIn = true;
        }
-        // Logout when:
+        if ($this->sessionManager->hasSessionExpired()
-        // - the session does not exist on the server side
+            || $this->sessionManager->hasClientIpChanged($clientIpId)
-        // - the session has expired
-        // - the client IP address has changed
-        if (empty($session['uid'])
-            || ($this->configManager->get('security.session_protection_disabled') === false
-                && $session['ip'] != client_ip_id($server))
-            || time() >= $session['expires_on']
        ) {
            $this->sessionManager->logout($webPath);
            $this->isLoggedIn = false;
            return;
        }
-        // Extend session validity
+        $this->sessionManager->extendSession();
-        if (! empty($session['longlastingsession'])) {
-            // "Stay signed in" is enabled
-            $session['expires_on'] = time() + $session['longlastingsession'];
-        } else {
-            $session['expires_on'] = time() + SessionManager::$INACTIVITY_TIMEOUT;
-        }
    }
    /**
@@ -129,7 +121,8 @@ class LoginManager
            return false;
        }
-        $this->sessionManager->storeLoginInfo($server);
+        $clientIpId = client_ip_id($server);
+        $this->sessionManager->storeLoginInfo($clientIpId);
        logm(
            $this->configManager->get('resource.log'),
            $server['REMOTE_ADDR'],
author	VirtualTam <virtualtam@flibidi.net>	2018-04-04 00:54:59 +0200
committer	VirtualTam <virtualtam@flibidi.net>	2018-06-02 16:45:54 +0200
commit	c7721487b2459e6760cae9d6292b7d39c306d3d6 (patch)
tree	61ff94a51d8288e783fe2161fc2d6493b9bcf95f /application/LoginManager.php
parent	1b28c66cc77b59f716aa47e6207142a7f86c2c2d (diff)
download	Shaarli-c7721487b2459e6760cae9d6292b7d39c306d3d6.tar.gz Shaarli-c7721487b2459e6760cae9d6292b7d39c306d3d6.tar.zst Shaarli-c7721487b2459e6760cae9d6292b7d39c306d3d6.zip