Merge branch 'feature/session' of https://github.com/getgrav/grav int…

…o 1.5
getgrav · May 17, 2018 · e8fd540 · e8fd540
2 parents 718dfa9 + eae017a
commit e8fd540
Show file tree

Hide file tree

Showing 5 changed files with 409 additions and 74 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -44,9 +44,11 @@
 ## 03/21/2018
 
 1. [](#new)
+    * Added `Grav\Framework\Session` class to replace `RocketTheme\Toolbox\Session\Session`
     * Added new `|nicefilesize` Twig filter for pretty file (auto converts to bytes, kB, MB, GB, etc)
     * Added new `regex_filter()` Twig function to values in arrays
 1. [](#improved)
+    * Improved session handling, allow all session configuration options in `system.session.options`
     * Added bosnian to lang codes [#1917](https://github.com/getgrav/grav/issues/1917) 
     * Improved Zip extraction error codes [#1922](https://github.com/getgrav/grav/issues/1922)  
 1. [](#bugfix)

diff --git a/system/src/Grav/Common/Data/Validation.php b/system/src/Grav/Common/Data/Validation.php
@@ -107,7 +107,7 @@ public static function filter($value, array $field)
         $method = 'filter' . ucfirst(strtr($type, '-', '_'));
 
         // If this is a YAML field validate/filter as such
-        if ($type != 'yaml' && isset($field['yaml']) && $field['yaml'] === true) {
+        if ($type !== 'yaml' && isset($field['yaml']) && $field['yaml'] === true) {
             $method = 'filterYaml';
         }
 

diff --git a/system/src/Grav/Common/Service/SessionServiceProvider.php b/system/src/Grav/Common/Service/SessionServiceProvider.php
@@ -29,21 +29,22 @@ public function register(Container $container)
             /** @var Uri $uri */
             $uri = $c['uri'];
 
-            // Get session parameters.
-            $session_timeout = (int)$config->get('system.session.timeout', 1800);
-            $session_path = $config->get('system.session.path');
-            if (null === $session_path) {
-                $session_path = '/' . ltrim(Uri::filterPath($uri->rootUrl(false)), '/');
-            }
-            $domain = $uri->host();
-            if ($domain === 'localhost') {
-                $domain = '';
-            }
-
             // Get session options.
-            $secure = (bool)$config->get('system.session.secure', false);
-            $httponly = (bool)$config->get('system.session.httponly', true);
             $enabled = (bool)$config->get('system.session.enabled', false);
+            $cookie_secure = (bool)$config->get('system.session.secure', false);
+            $cookie_httponly = (bool)$config->get('system.session.httponly', true);
+            $cookie_lifetime = (int)$config->get('system.session.timeout', 1800);
+            $cookie_path = $config->get('system.session.path');
+            if (null === $cookie_path) {
+                $cookie_path = '/' . trim(Uri::filterPath($uri->rootUrl(false)), '/');
+            }
+            // Session cookie path requires trailing slash.
+            $cookie_path = rtrim($cookie_path, '/') . '/';
+
+            $cookie_domain = $uri->host();
+            if ($cookie_domain === 'localhost') {
+                $cookie_domain = '';
+            }
 
             // Activate admin if we're inside the admin path.
             $is_admin = false;
@@ -56,14 +57,14 @@ public function register(Container $container)
                 // Check no language, simple language prefix (en) and region specific language prefix (en-US).
                 $pos = strpos($current_route, $base);
                 if ($pos === 0 || $pos === 3 || $pos === 6) {
-                    $session_timeout = $config->get('plugins.admin.session.timeout', 1800);
+                    $cookie_lifetime = $config->get('plugins.admin.session.timeout', 1800);
                     $enabled = $is_admin = true;
                 }
             }
 
             // Fix for HUGE session timeouts.
-            if ($session_timeout > 99999999999) {
-                $session_timeout = 9999999999;
+            if ($cookie_lifetime > 99999999999) {
+                $cookie_lifetime = 9999999999;
             }
 
             $inflector = new Inflector();
@@ -73,10 +74,16 @@ public function register(Container $container)
             }
 
             // Define session service.
-            $session = new Session($session_timeout, $session_path, $domain);
-            $session->setName($session_name);
-            $session->setSecure($secure);
-            $session->setHttpOnly($httponly);
+            $options = [
+                'name' => $session_name,
+                'cookie_lifetime' => $cookie_lifetime,
+                'cookie_path' => $cookie_path,
+                'cookie_domain' => $cookie_domain,
+                'cookie_secure' => $cookie_secure,
+                'cookie_httponly' => $cookie_httponly
+            ] + (array) $config->get('system.session.options');
+
+            $session = new Session($options);
             $session->setAutoStart($enabled);
 
             return $session;

diff --git a/system/src/Grav/Common/Session.php b/system/src/Grav/Common/Session.php
@@ -8,36 +8,11 @@
 
 namespace Grav\Common;
 
-use RocketTheme\Toolbox\Session\Session as BaseSession;
-
-class Session extends BaseSession
+class Session extends \Grav\Framework\Session\Session
 {
     /** @var bool */
     protected $autoStart = false;
 
-    protected $lifetime;
-    protected $path;
-    protected $domain;
-    protected $secure;
-    protected $httpOnly;
-
-    /**
-     * @param int    $lifetime Defaults to 1800 seconds.
-     * @param string $path     Cookie path.
-     * @param string $domain   Optional, domain for the session
-     * @throws \RuntimeException
-     */
-    public function __construct($lifetime, $path, $domain = null)
-    {
-        $this->lifetime = $lifetime;
-        $this->path = $path;
-        $this->domain = $domain;
-
-        if (php_sapi_name() !== 'cli') {
-            parent::__construct($lifetime, $path, $domain);
-        }
-    }
-
     /**
      * Initialize session.
      *
@@ -48,9 +23,6 @@ public function init()
         if ($this->autoStart) {
             $this->start();
 
-            // TODO: This setcookie shouldn't be here, session should by itself be able to update its cookie.
-            setcookie(session_name(), session_id(), $this->lifetime ? time() + $this->lifetime : 0, $this->path, $this->domain, $this->secure, $this->httpOnly);
-
             $this->autoStart = false;
         }
     }
@@ -66,30 +38,6 @@ public function setAutoStart($auto)
         return $this;
     }
 
-    /**
-     * @param bool $secure
-     * @return $this
-     */
-    public function setSecure($secure)
-    {
-        $this->secure = $secure;
-        ini_set('session.cookie_secure', (bool)$secure);
-
-        return $this;
-    }
-
-    /**
-     * @param bool $httpOnly
-     * @return $this
-     */
-    public function setHttpOnly($httpOnly)
-    {
-        $this->httpOnly = $httpOnly;
-        ini_set('session.cookie_httponly', (bool)$httpOnly);
-
-        return $this;
-    }
-
     /**
      * Store something in session temporarily.
      *