탐색 도움말
가입하기 로그인
zhangbj
/
web
Watch 1
Star 0
포크 0
코드 이슈 1 풀 리퀘스트 0 릴리즈 0 위키 Activity
2 커밋
1 브랜치
트리: 97d25c38f3
브랜치 태그
${ item.name }
Create branch ${ searchTerm }
from '97d25c38f3'
${ noResults }
web/vendor/illuminate/session/Middleware/StartSession.php

StartSession.php 7.0KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243 
  1. <?php

  2. 

  3. namespace Illuminate\Session\Middleware;

  4. 

  5. use Closure;

  6. use Illuminate\Http\Request;

  7. use Illuminate\Support\Carbon;

  8. use Illuminate\Session\SessionManager;

  9. use Illuminate\Contracts\Session\Session;

  10. use Illuminate\Session\CookieSessionHandler;

  11. use Symfony\Component\HttpFoundation\Cookie;

  12. use Symfony\Component\HttpFoundation\Response;

  13. 

  14. class StartSession

  15. {

  16.     /**

  17.      * The session manager.

  18.      *

  19.      * @var \Illuminate\Session\SessionManager

  20.      */

  21.     protected $manager;

  22. 

  23.     /**

  24.      * Indicates if the session was handled for the current request.

  25.      *

  26.      * @var bool

  27.      */

  28.     protected $sessionHandled = false;

  29. 

  30.     /**

  31.      * Create a new session middleware.

  32.      *

  33.      * @param  \Illuminate\Session\SessionManager  $manager

  34.      * @return void

  35.      */

  36.     public function __construct(SessionManager $manager)

  37.     {

  38.         $this->manager = $manager;

  39.     }

  40. 

  41.     /**

  42.      * Handle an incoming request.

  43.      *

  44.      * @param  \Illuminate\Http\Request  $request

  45.      * @param  \Closure  $next

  46.      * @return mixed

  47.      */

  48.     public function handle($request, Closure $next)

  49.     {

  50.         $this->sessionHandled = true;

  51. 

  52.         // If a session driver has been configured, we will need to start the session here

  53.         // so that the data is ready for an application. Note that the Laravel sessions

  54.         // do not make use of PHP "native" sessions in any way since they are crappy.

  55.         if ($this->sessionConfigured()) {

  56.             $request->setLaravelSession(

  57.                 $session = $this->startSession($request)

  58.             );

  59. 

  60.             $this->collectGarbage($session);

  61.         }

  62. 

  63.         $response = $next($request);

  64. 

  65.         // Again, if the session has been configured we will need to close out the session

  66.         // so that the attributes may be persisted to some storage medium. We will also

  67.         // add the session identifier cookie to the application response headers now.

  68.         if ($this->sessionConfigured()) {

  69.             $this->storeCurrentUrl($request, $session);

  70. 

  71.             $this->addCookieToResponse($response, $session);

  72.         }

  73. 

  74.         return $response;

  75.     }

  76. 

  77.     /**

  78.      * Perform any final actions for the request lifecycle.

  79.      *

  80.      * @param  \Illuminate\Http\Request  $request

  81.      * @param  \Symfony\Component\HttpFoundation\Response  $response

  82.      * @return void

  83.      */

  84.     public function terminate($request, $response)

  85.     {

  86.         if ($this->sessionHandled && $this->sessionConfigured() && ! $this->usingCookieSessions()) {

  87.             $this->manager->driver()->save();

  88.         }

  89.     }

  90. 

  91.     /**

  92.      * Start the session for the given request.

  93.      *

  94.      * @param  \Illuminate\Http\Request  $request

  95.      * @return \Illuminate\Contracts\Session\Session

  96.      */

  97.     protected function startSession(Request $request)

  98.     {

  99.         return tap($this->getSession($request), function ($session) use ($request) {

  100.             $session->setRequestOnHandler($request);

  101. 

  102.             $session->start();

  103.         });

  104.     }

  105. 

  106.     /**

  107.      * Get the session implementation from the manager.

  108.      *

  109.      * @param  \Illuminate\Http\Request  $request

  110.      * @return \Illuminate\Contracts\Session\Session

  111.      */

  112.     public function getSession(Request $request)

  113.     {

  114.         return tap($this->manager->driver(), function ($session) use ($request) {

  115.             $session->setId($request->cookies->get($session->getName()));

  116.         });

  117.     }

  118. 

  119.     /**

  120.      * Remove the garbage from the session if necessary.

  121.      *

  122.      * @param  \Illuminate\Contracts\Session\Session  $session

  123.      * @return void

  124.      */

  125.     protected function collectGarbage(Session $session)

  126.     {

  127.         $config = $this->manager->getSessionConfig();

  128. 

  129.         // Here we will see if this request hits the garbage collection lottery by hitting

  130.         // the odds needed to perform garbage collection on any given request. If we do

  131.         // hit it, we'll call this handler to let it delete all the expired sessions.

  132.         if ($this->configHitsLottery($config)) {

  133.             $session->getHandler()->gc($this->getSessionLifetimeInSeconds());

  134.         }

  135.     }

  136. 

  137.     /**

  138.      * Determine if the configuration odds hit the lottery.

  139.      *

  140.      * @param  array  $config

  141.      * @return bool

  142.      */

  143.     protected function configHitsLottery(array $config)

  144.     {

  145.         return random_int(1, $config['lottery'][1]) <= $config['lottery'][0];

  146.     }

  147. 

  148.     /**

  149.      * Store the current URL for the request if necessary.

  150.      *

  151.      * @param  \Illuminate\Http\Request  $request

  152.      * @param  \Illuminate\Contracts\Session\Session  $session

  153.      * @return void

  154.      */

  155.     protected function storeCurrentUrl(Request $request, $session)

  156.     {

  157.         if ($request->method() === 'GET' && $request->route() && ! $request->ajax()) {

  158.             $session->setPreviousUrl($request->fullUrl());

  159.         }

  160.     }

  161. 

  162.     /**

  163.      * Add the session cookie to the application response.

  164.      *

  165.      * @param  \Symfony\Component\HttpFoundation\Response  $response

  166.      * @param  \Illuminate\Contracts\Session\Session  $session

  167.      * @return void

  168.      */

  169.     protected function addCookieToResponse(Response $response, Session $session)

  170.     {

  171.         if ($this->usingCookieSessions()) {

  172.             $this->manager->driver()->save();

  173.         }

  174. 

  175.         if ($this->sessionIsPersistent($config = $this->manager->getSessionConfig())) {

  176.             $response->headers->setCookie(new Cookie(

  177.                 $session->getName(), $session->getId(), $this->getCookieExpirationDate(),

  178.                 $config['path'], $config['domain'], $config['secure'] ?? false,

  179.                 $config['http_only'] ?? true, false, $config['same_site'] ?? null

  180.             ));

  181.         }

  182.     }

  183. 

  184.     /**

  185.      * Get the session lifetime in seconds.

  186.      *

  187.      * @return int

  188.      */

  189.     protected function getSessionLifetimeInSeconds()

  190.     {

  191.         return ($this->manager->getSessionConfig()['lifetime'] ?? null) * 60;

  192.     }

  193. 

  194.     /**

  195.      * Get the cookie lifetime in seconds.

  196.      *

  197.      * @return \DateTimeInterface

  198.      */

  199.     protected function getCookieExpirationDate()

  200.     {

  201.         $config = $this->manager->getSessionConfig();

  202. 

  203.         return $config['expire_on_close'] ? 0 : Carbon::now()->addMinutes($config['lifetime']);

  204.     }

  205. 

  206.     /**

  207.      * Determine if a session driver has been configured.

  208.      *

  209.      * @return bool

  210.      */

  211.     protected function sessionConfigured()

  212.     {

  213.         return ! is_null($this->manager->getSessionConfig()['driver'] ?? null);

  214.     }

  215. 

  216.     /**

  217.      * Determine if the configured session driver is persistent.

  218.      *

  219.      * @param  array|null  $config

  220.      * @return bool

  221.      */

  222.     protected function sessionIsPersistent(array $config = null)

  223.     {

  224.         $config = $config ?: $this->manager->getSessionConfig();

  225. 

  226.         return ! in_array($config['driver'], [null, 'array']);

  227.     }

  228. 

  229.     /**

  230.      * Determine if the session is using cookie sessions.

  231.      *

  232.      * @return bool

  233.      */

  234.     protected function usingCookieSessions()

  235.     {

  236.         if ($this->sessionConfigured()) {

  237.             return $this->manager->driver()->getHandler() instanceof CookieSessionHandler;

  238.         }

  239. 

  240.         return false;

  241.     }

  242. }