From c7721487b2459e6760cae9d6292b7d39c306d3d6 Mon Sep 17 00:00:00 2001 From: VirtualTam Date: Wed, 4 Apr 2018 00:54:59 +0200 Subject: Delegate session operations to SessionManager Signed-off-by: VirtualTam --- application/LoginManager.php | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) (limited to 'application/LoginManager.php') diff --git a/application/LoginManager.php b/application/LoginManager.php index d81c6c05..347fb3b9 100644 --- a/application/LoginManager.php +++ b/application/LoginManager.php @@ -1,6 +1,8 @@ sessionManager->storeLoginInfo($server); + $this->sessionManager->storeLoginInfo($clientIpId); $this->isLoggedIn = true; } - // Logout when: - // - the session does not exist on the server side - // - the session has expired - // - the client IP address has changed - if (empty($session['uid']) - || ($this->configManager->get('security.session_protection_disabled') === false - && $session['ip'] != client_ip_id($server)) - || time() >= $session['expires_on'] + if ($this->sessionManager->hasSessionExpired() + || $this->sessionManager->hasClientIpChanged($clientIpId) ) { $this->sessionManager->logout($webPath); $this->isLoggedIn = false; return; } - // Extend session validity - if (! empty($session['longlastingsession'])) { - // "Stay signed in" is enabled - $session['expires_on'] = time() + $session['longlastingsession']; - } else { - $session['expires_on'] = time() + SessionManager::$INACTIVITY_TIMEOUT; - } + $this->sessionManager->extendSession(); } /** @@ -129,7 +121,8 @@ class LoginManager return false; } - $this->sessionManager->storeLoginInfo($server); + $clientIpId = client_ip_id($server); + $this->sessionManager->storeLoginInfo($clientIpId); logm( $this->configManager->get('resource.log'), $server['REMOTE_ADDR'], -- cgit v1.2.3