1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (https://nette.org)
  5:  * Copyright (c) 2004 David Grudl (https://davidgrudl.com)
  6:  */
  7: 
  8: namespace Nette\Http;
  9: 
 10: use Nette;
 11: use Nette\Security\IIdentity;
 12: 
 13: 
 14: /**
 15:  * Session storage for user object.
 16:  */
 17: class UserStorage implements Nette\Security\IUserStorage
 18: {
 19:     use Nette\SmartObject;
 20: 
 21:     /** @var string */
 22:     private $namespace = '';
 23: 
 24:     /** @var Session */
 25:     private $sessionHandler;
 26: 
 27:     /** @var SessionSection */
 28:     private $sessionSection;
 29: 
 30: 
 31:     public function __construct(Session $sessionHandler)
 32:     {
 33:         $this->sessionHandler = $sessionHandler;
 34:     }
 35: 
 36: 
 37:     /**
 38:      * Sets the authenticated status of this user.
 39:      * @param  bool
 40:      * @return static
 41:      */
 42:     public function setAuthenticated($state)
 43:     {
 44:         $section = $this->getSessionSection(true);
 45:         $section->authenticated = (bool) $state;
 46: 
 47:         // Session Fixation defence
 48:         $this->sessionHandler->regenerateId();
 49: 
 50:         if ($state) {
 51:             $section->reason = null;
 52:             $section->authTime = time(); // informative value
 53: 
 54:         } else {
 55:             $section->reason = self::MANUAL;
 56:             $section->authTime = null;
 57:         }
 58:         return $this;
 59:     }
 60: 
 61: 
 62:     /**
 63:      * Is this user authenticated?
 64:      * @return bool
 65:      */
 66:     public function isAuthenticated()
 67:     {
 68:         $session = $this->getSessionSection(false);
 69:         return $session && $session->authenticated;
 70:     }
 71: 
 72: 
 73:     /**
 74:      * Sets the user identity.
 75:      * @return static
 76:      */
 77:     public function setIdentity(IIdentity $identity = null)
 78:     {
 79:         $this->getSessionSection(true)->identity = $identity;
 80:         return $this;
 81:     }
 82: 
 83: 
 84:     /**
 85:      * Returns current user identity, if any.
 86:      * @return Nette\Security\IIdentity|null
 87:      */
 88:     public function getIdentity()
 89:     {
 90:         $session = $this->getSessionSection(false);
 91:         return $session ? $session->identity : null;
 92:     }
 93: 
 94: 
 95:     /**
 96:      * Changes namespace; allows more users to share a session.
 97:      * @param  string
 98:      * @return static
 99:      */
100:     public function setNamespace($namespace)
101:     {
102:         if ($this->namespace !== $namespace) {
103:             $this->namespace = (string) $namespace;
104:             $this->sessionSection = null;
105:         }
106:         return $this;
107:     }
108: 
109: 
110:     /**
111:      * Returns current namespace.
112:      * @return string
113:      */
114:     public function getNamespace()
115:     {
116:         return $this->namespace;
117:     }
118: 
119: 
120:     /**
121:      * Enables log out after inactivity.
122:      * @param  string|int|\DateTimeInterface Number of seconds or timestamp
123:      * @param  int  flag IUserStorage::CLEAR_IDENTITY
124:      * @return static
125:      */
126:     public function setExpiration($time, $flags = 0)
127:     {
128:         $section = $this->getSessionSection(true);
129:         if ($time) {
130:             $time = Nette\Utils\DateTime::from($time)->format('U');
131:             $section->expireTime = $time;
132:             $section->expireDelta = $time - time();
133: 
134:         } else {
135:             unset($section->expireTime, $section->expireDelta);
136:         }
137: 
138:         $section->expireIdentity = (bool) ($flags & self::CLEAR_IDENTITY);
139:         $section->setExpiration($time, 'foo'); // time check
140:         return $this;
141:     }
142: 
143: 
144:     /**
145:      * Why was user logged out?
146:      * @return int|null
147:      */
148:     public function getLogoutReason()
149:     {
150:         $session = $this->getSessionSection(false);
151:         return $session ? $session->reason : null;
152:     }
153: 
154: 
155:     /**
156:      * Returns and initializes $this->sessionSection.
157:      * @return SessionSection|null
158:      */
159:     protected function getSessionSection($need)
160:     {
161:         if ($this->sessionSection !== null) {
162:             return $this->sessionSection;
163:         }
164: 
165:         if (!$need && !$this->sessionHandler->exists()) {
166:             return null;
167:         }
168: 
169:         $this->sessionSection = $section = $this->sessionHandler->getSection('Nette.Http.UserStorage/' . $this->namespace);
170: 
171:         if (!$section->identity instanceof IIdentity || !is_bool($section->authenticated)) {
172:             $section->remove();
173:         }
174: 
175:         if ($section->authenticated && $section->expireDelta > 0) { // check time expiration
176:             if ($section->expireTime < time()) {
177:                 $section->reason = self::INACTIVITY;
178:                 $section->authenticated = false;
179:                 if ($section->expireIdentity) {
180:                     unset($section->identity);
181:                 }
182:             }
183:             $section->expireTime = time() + $section->expireDelta; // sliding expiration
184:         }
185: 
186:         if (!$section->authenticated) {
187:             unset($section->expireTime, $section->expireDelta, $section->expireIdentity, $section->authTime);
188:         }
189: 
190:         return $this->sessionSection;
191:     }
192: }
193: