summaryrefslogtreecommitdiff
path: root/src/Middleware
diff options
context:
space:
mode:
authorIgor Scheller <igor.scheller@igorshp.de>2018-12-28 03:28:33 +0100
committermsquare <msquare@notrademark.de>2018-12-28 20:35:44 +0100
commit491ee376517cded3c9c8d2389e3f9f21daa1a407 (patch)
tree7def296bc1e53691bb7d5b79c542e002c009ed24 /src/Middleware
parent7b3901211a0165558eebca8fe7490ca79b09f97b (diff)
Don't save sessions permanently on api and metrics paths
closes #530 (Session on API calls)
Diffstat (limited to 'src/Middleware')
-rw-r--r--src/Middleware/RouteDispatcher.php4
-rw-r--r--src/Middleware/SessionHandler.php59
-rw-r--r--src/Middleware/SessionHandlerServiceProvider.php24
3 files changed, 86 insertions, 1 deletions
diff --git a/src/Middleware/RouteDispatcher.php b/src/Middleware/RouteDispatcher.php
index 24a7906d..c20eba4b 100644
--- a/src/Middleware/RouteDispatcher.php
+++ b/src/Middleware/RouteDispatcher.php
@@ -50,7 +50,8 @@ class RouteDispatcher implements MiddlewareInterface
$path = $request->getPathInfo();
}
- $route = $this->dispatcher->dispatch($request->getMethod(), urldecode($path));
+ $path = urldecode($path);
+ $route = $this->dispatcher->dispatch($request->getMethod(), $path);
$status = $route[0];
if ($status == FastRouteDispatcher::NOT_FOUND) {
@@ -70,6 +71,7 @@ class RouteDispatcher implements MiddlewareInterface
$routeHandler = $route[1];
$request = $request->withAttribute('route-request-handler', $routeHandler);
+ $request = $request->withAttribute('route-request-path', $path);
$vars = $route[2];
foreach ($vars as $name => $value) {
diff --git a/src/Middleware/SessionHandler.php b/src/Middleware/SessionHandler.php
new file mode 100644
index 00000000..8c53b0fd
--- /dev/null
+++ b/src/Middleware/SessionHandler.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace Engelsystem\Middleware;
+
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
+use Symfony\Component\HttpFoundation\Session\Storage\SessionStorageInterface;
+
+class SessionHandler implements MiddlewareInterface
+{
+ /** @var SessionStorageInterface */
+ protected $session;
+
+ /** @var string[] */
+ protected $paths = [];
+
+ /**
+ * @param SessionStorageInterface $session
+ * @param array $paths
+ */
+ public function __construct(SessionStorageInterface $session, array $paths = [])
+ {
+ $this->paths = $paths;
+ $this->session = $session;
+ }
+
+ /**
+ * @param ServerRequestInterface $request
+ * @param RequestHandlerInterface $handler
+ * @return ResponseInterface
+ */
+ public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+ {
+ $return = $handler->handle($request);
+
+ $cookies = $request->getCookieParams();
+ if (
+ $this->session instanceof NativeSessionStorage
+ && in_array($request->getAttribute('route-request-path'), $this->paths)
+ && !isset($cookies[$this->session->getName()])
+ ) {
+ $this->destroyNative();
+ }
+
+ return $return;
+ }
+
+ /**
+ * @return bool
+ * @codeCoverageIgnore
+ */
+ protected function destroyNative()
+ {
+ return session_destroy();
+ }
+}
diff --git a/src/Middleware/SessionHandlerServiceProvider.php b/src/Middleware/SessionHandlerServiceProvider.php
new file mode 100644
index 00000000..aefcb674
--- /dev/null
+++ b/src/Middleware/SessionHandlerServiceProvider.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Engelsystem\Middleware;
+
+use Engelsystem\Container\ServiceProvider;
+
+class SessionHandlerServiceProvider extends ServiceProvider
+{
+ public function register()
+ {
+ $this->app
+ ->when(SessionHandler::class)
+ ->needs('$paths')
+ ->give(function () {
+ return [
+ '/api',
+ '/ical',
+ '/metrics',
+ '/shifts-json-export',
+ '/stats',
+ ];
+ });
+ }
+}