Phauthentic /
session
| Total Complexity | 81 |
| Total Lines | 510 |
| Duplicated Lines | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
Complex classes like Session often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use Session, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 37 | class Session implements SessionInterface |
||
| 38 | { |
||
| 39 | /** |
||
| 40 | * The Session handler instance used as an engine for persisting the session data. |
||
| 41 | * |
||
| 42 | * @var \SessionHandlerInterface |
||
| 43 | */ |
||
| 44 | protected $handler; |
||
| 45 | |||
| 46 | /** |
||
| 47 | * The Session handler instance used as an engine for persisting the session data. |
||
| 48 | * |
||
| 49 | * @var \Phauthentic\Session\ConfigInterface |
||
| 50 | */ |
||
| 51 | protected $config; |
||
| 52 | |||
| 53 | /** |
||
| 54 | * Indicates whether the sessions has already started |
||
| 55 | * |
||
| 56 | * @var bool |
||
| 57 | */ |
||
| 58 | protected $started; |
||
| 59 | |||
| 60 | /** |
||
| 61 | * The time in seconds the session will be valid for |
||
| 62 | * |
||
| 63 | * @var int |
||
| 64 | */ |
||
| 65 | protected $lifetime; |
||
| 66 | |||
| 67 | /** |
||
| 68 | * Whether this session is running under a CLI environment |
||
| 69 | * |
||
| 70 | * @var bool |
||
| 71 | */ |
||
| 72 | protected $isCLI = false; |
||
| 73 | |||
| 74 | /** |
||
| 75 | * Constructor. |
||
| 76 | * |
||
| 77 | * ### Configuration: |
||
| 78 | * |
||
| 79 | * - timeout: The time in minutes the session should be valid for. |
||
| 80 | * - cookiePath: The url path for which session cookie is set. Maps to the |
||
| 81 | * `session.cookie_path` php.ini config. Defaults to base path of app. |
||
| 82 | * - ini: A list of php.ini directives to change before the session start. |
||
| 83 | * - handler: An array containing at least the `class` key. To be used as the session |
||
| 84 | * engine for persisting data. The rest of the keys in the array will be passed as |
||
| 85 | * the configuration array for the engine. You can set the `class` key to an already |
||
| 86 | * instantiated session handler object. |
||
| 87 | * |
||
| 88 | * @param \Phauthentic\Infrastructure\Http\Session\ConfigInterface $config The Configuration to apply to this session object |
||
| 89 | * @param \SessionHandlerInterface $handler Session Handler |
||
| 90 | */ |
||
| 91 | public function __construct( |
||
| 92 | ?ConfigInterface $config = null, |
||
| 93 | ?SessionHandlerInterface $handler = null |
||
| 94 | ) { |
||
| 95 | if ($config !== null) { |
||
| 96 | $this->config = $config; |
||
| 97 | } else { |
||
| 98 | $this->config = new Config(); |
||
| 99 | $this->config->setUseTransSid(false); |
||
| 100 | } |
||
| 101 | |||
| 102 | if ($handler !== null) { |
||
| 103 | $this->setSaveHandler($handler); |
||
| 104 | } |
||
| 105 | |||
| 106 | $this->lifetime = (int)ini_get('session.gc_maxlifetime'); |
||
| 107 | $this->isCLI = (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg'); |
||
| 108 | |||
| 109 | session_register_shutdown(); |
||
| 110 | } |
||
| 111 | |||
| 112 | /** |
||
| 113 | * @return \Phauthentic\Infrastructure\Http\Session\ConfigInterface |
||
| 114 | */ |
||
| 115 | public function config(): ConfigInterface |
||
| 118 | } |
||
| 119 | |||
| 120 | /** |
||
| 121 | * Set the engine property and update the session handler in PHP. |
||
| 122 | * |
||
| 123 | * @param \SessionHandlerInterface $handler The handler to set |
||
| 124 | * @return \SessionHandlerInterface |
||
| 125 | */ |
||
| 126 | protected function setSaveHandler(SessionHandlerInterface $handler): SessionHandlerInterface |
||
| 127 | { |
||
| 128 | if (!headers_sent()) { |
||
| 129 | session_set_save_handler($handler, false); |
||
| 130 | } |
||
| 131 | |||
| 132 | return $this->handler = $handler; |
||
| 133 | } |
||
| 134 | |||
| 135 | /** |
||
| 136 | * Starts the Session. |
||
| 137 | * |
||
| 138 | * @return bool True if session was started |
||
| 139 | * @throws \Phauthentic\Infrastructure\Http\Session\SessionException if the session was already started |
||
| 140 | */ |
||
| 141 | public function start() |
||
| 142 | { |
||
| 143 | if ($this->started) { |
||
| 144 | return true; |
||
| 145 | } |
||
| 146 | |||
| 147 | if ($this->isCLI) { |
||
| 148 | $_SESSION = []; |
||
| 149 | $this->setId('cli'); |
||
| 150 | |||
| 151 | return $this->started = true; |
||
| 152 | } |
||
| 153 | |||
| 154 | if (session_status() === PHP_SESSION_ACTIVE) { |
||
| 155 | throw new SessionException('Session was already started'); |
||
| 156 | } |
||
| 157 | |||
| 158 | if (ini_get('session.use_cookies') && headers_sent($file, $line)) { |
||
| 159 | return false; |
||
| 160 | } |
||
| 161 | |||
| 162 | if (!session_start()) { |
||
| 163 | throw new SessionException('Could not start the session'); |
||
| 164 | } |
||
| 165 | |||
| 166 | $this->started = true; |
||
| 167 | |||
| 168 | if ($this->timedOut()) { |
||
| 169 | $this->destroy(); |
||
| 170 | |||
| 171 | return $this->start(); |
||
| 172 | } |
||
| 173 | |||
| 174 | return $this->started; |
||
| 175 | } |
||
| 176 | |||
| 177 | /** |
||
| 178 | * Returns true if the session is no longer valid because the last time it was |
||
| 179 | * accessed was after the configured timeout. |
||
| 180 | * |
||
| 181 | * @return bool |
||
| 182 | */ |
||
| 183 | protected function timedOut(): bool |
||
| 184 | { |
||
| 185 | $time = $this->read('Config.time'); |
||
| 186 | $result = false; |
||
| 187 | |||
| 188 | $checkTime = $time !== null && $this->lifetime > 0; |
||
| 189 | if ($checkTime && (time() - (int)$time > $this->lifetime)) { |
||
| 190 | $result = true; |
||
| 191 | } |
||
| 192 | |||
| 193 | $this->write('Config.time', time()); |
||
| 194 | |||
| 195 | return $result; |
||
| 196 | } |
||
| 197 | |||
| 198 | /** |
||
| 199 | * Determine if Session has already been started. |
||
| 200 | * |
||
| 201 | * @return bool True if session has been started. |
||
| 202 | */ |
||
| 203 | public function hasStarted(): bool |
||
| 204 | { |
||
| 205 | return $this->started || session_status() === PHP_SESSION_ACTIVE; |
||
| 206 | } |
||
| 207 | |||
| 208 | /** |
||
| 209 | * Returns true if given variable name is set in session. |
||
| 210 | * |
||
| 211 | * @param string|null $name Variable name to check for |
||
| 212 | * @return bool True if variable is there |
||
| 213 | */ |
||
| 214 | public function check(?string $name = null): bool |
||
| 215 | { |
||
| 216 | if ($this->exists() && !$this->hasStarted()) { |
||
| 217 | $this->start(); |
||
| 218 | } |
||
| 219 | |||
| 220 | if (!isset($_SESSION)) { |
||
| 221 | return false; |
||
| 222 | } |
||
| 223 | |||
| 224 | return $this->getFromArray($_SESSION, $name) !== null; |
||
| 225 | } |
||
| 226 | |||
| 227 | /** |
||
| 228 | * Returns given session variable, or all of them, if no parameters given. |
||
| 229 | * |
||
| 230 | * @param string|null $name The name of the session variable (or a path as sent to Hash.extract) |
||
| 231 | * @return string|array|null The value of the session variable, null if session not available, |
||
| 232 | * session not started, or provided name not found in the session. |
||
| 233 | */ |
||
| 234 | public function read(?string $name = null) |
||
| 235 | { |
||
| 236 | if ($this->exists() && !$this->hasStarted()) { |
||
| 237 | $this->start(); |
||
| 238 | } |
||
| 239 | |||
| 240 | if (!isset($_SESSION)) { |
||
| 241 | return null; |
||
| 242 | } |
||
| 243 | |||
| 244 | if ($name === null) { |
||
| 245 | return $_SESSION ?? []; |
||
| 246 | } |
||
| 247 | |||
| 248 | return $this->getFromArray($_SESSION, $name); |
||
| 249 | } |
||
| 250 | |||
| 251 | /** |
||
| 252 | * Reads and deletes a variable from session. |
||
| 253 | * |
||
| 254 | * @param string $name The key to read and remove (or a path as sent to Hash.extract). |
||
| 255 | * @return mixed The value of the session variable, null if session not available, |
||
| 256 | * session not started, or provided name not found in the session. |
||
| 257 | */ |
||
| 258 | public function consume(string $name) |
||
| 259 | { |
||
| 260 | if (empty($name)) { |
||
| 261 | return null; |
||
| 262 | } |
||
| 263 | |||
| 264 | $value = $this->read($name); |
||
| 265 | if ($value !== null) { |
||
| 266 | $data = $_SESSION; |
||
| 267 | $this->setToArray($data, $name, null); |
||
| 268 | $this->overwrite($_SESSION, $data); |
||
| 269 | } |
||
| 270 | |||
| 271 | return $value; |
||
| 272 | } |
||
| 273 | |||
| 274 | /** |
||
| 275 | * Writes value to given session variable name. |
||
| 276 | * |
||
| 277 | * @param string|array $name Name of variable |
||
| 278 | * @param mixed $value Value to write |
||
| 279 | * @return void |
||
| 280 | */ |
||
| 281 | public function write($name, $value = null): void |
||
| 282 | { |
||
| 283 | if (!$this->hasStarted()) { |
||
| 284 | $this->start(); |
||
| 285 | } |
||
| 286 | |||
| 287 | $write = $name; |
||
| 288 | if (!is_array($name)) { |
||
| 289 | $write = [$name => $value]; |
||
| 290 | } |
||
| 291 | |||
| 292 | $data = $_SESSION; |
||
| 293 | foreach ($write as $key => $val) { |
||
| 294 | $this->setToArray($data, $key, $value); |
||
| 295 | } |
||
| 296 | |||
| 297 | $this->overwrite($_SESSION, $data); |
||
| 298 | } |
||
| 299 | |||
| 300 | /** |
||
| 301 | * Returns the session id. |
||
| 302 | * |
||
| 303 | * Calling this method will not auto start the session. You might have to manually |
||
| 304 | * assert a started session. |
||
| 305 | * |
||
| 306 | * Passing an id into it, you can also replace the session id if the session |
||
| 307 | * has not already been started. |
||
| 308 | * |
||
| 309 | * Note that depending on the session handler, not all characters are allowed |
||
| 310 | * within the session id. For example, the file session handler only allows |
||
| 311 | * characters in the range a-z A-Z 0-9 , (comma) and - (minus). |
||
| 312 | * |
||
| 313 | * @param string|null $id Id to replace the current session id |
||
| 314 | * @return string Session id |
||
| 315 | */ |
||
| 316 | public function id(?string $id = null): string |
||
| 323 | } |
||
| 324 | |||
| 325 | /** |
||
| 326 | * Returns the current sessions id |
||
| 327 | * |
||
| 328 | * @return string |
||
| 329 | */ |
||
| 330 | public function getId(): string |
||
| 333 | } |
||
| 334 | |||
| 335 | /** |
||
| 336 | * Sets the session id |
||
| 337 | * |
||
| 338 | * Calling this method will not auto start the session. You might have to manually |
||
| 339 | * assert a started session. |
||
| 340 | * |
||
| 341 | * Passing an id into it, you can also replace the session id if the session |
||
| 342 | * has not already been started. |
||
| 343 | * |
||
| 344 | * Note that depending on the session handler, not all characters are allowed |
||
| 345 | * within the session id. For example, the file session handler only allows |
||
| 346 | * characters in the range a-z A-Z 0-9 , (comma) and - (minus). |
||
| 347 | * |
||
| 348 | * @param string $id Session Id |
||
| 349 | * @return $this |
||
| 350 | */ |
||
| 351 | public function setId(string $id): self |
||
| 362 | } |
||
| 363 | |||
| 364 | /** |
||
| 365 | * Removes a variable from session. |
||
| 366 | * |
||
| 367 | * @param string $name Session variable to remove |
||
| 368 | * @return void |
||
| 369 | */ |
||
| 370 | public function delete(string $name): void |
||
| 371 | { |
||
| 372 | if ($this->check($name)) { |
||
| 373 | $data = $_SESSION; |
||
| 374 | $this->setToArray($data, $name, null); |
||
| 375 | $this->overwrite($_SESSION, $data); |
||
| 376 | } |
||
| 377 | } |
||
| 378 | |||
| 379 | /** |
||
| 380 | * Used to write new data to _SESSION, since PHP doesn't like us setting the _SESSION var itself. |
||
| 381 | * |
||
| 382 | * @param array $old Set of old variables => values |
||
| 383 | * @param array $new New set of variable => value |
||
| 384 | * @return void |
||
| 385 | */ |
||
| 386 | protected function overwrite(&$old, $new) |
||
| 387 | { |
||
| 388 | if (!empty($old)) { |
||
| 389 | foreach ($old as $key => $var) { |
||
| 390 | if (!isset($new[$key])) { |
||
| 391 | unset($old[$key]); |
||
| 392 | } |
||
| 393 | } |
||
| 394 | } |
||
| 395 | |||
| 396 | foreach ($new as $key => $var) { |
||
| 397 | $old[$key] = $var; |
||
| 398 | } |
||
| 399 | } |
||
| 400 | |||
| 401 | /** |
||
| 402 | * Helper method to destroy invalid sessions. |
||
| 403 | * |
||
| 404 | * @return void |
||
| 405 | */ |
||
| 406 | public function destroy() |
||
| 407 | { |
||
| 408 | if ($this->exists() && !$this->hasStarted()) { |
||
| 409 | $this->start(); |
||
| 410 | } |
||
| 411 | |||
| 412 | if (!$this->isCLI && session_status() === PHP_SESSION_ACTIVE) { |
||
| 413 | session_destroy(); |
||
| 414 | } |
||
| 415 | |||
| 416 | $_SESSION = []; |
||
| 417 | $this->started = false; |
||
| 418 | } |
||
| 419 | |||
| 420 | /** |
||
| 421 | * Clears the session. |
||
| 422 | * |
||
| 423 | * Optionally it also clears the session id and renews the session. |
||
| 424 | * |
||
| 425 | * @param bool $renew If session should be renewed, as well. Defaults to false. |
||
| 426 | * @return void |
||
| 427 | */ |
||
| 428 | public function clear($renew = false) |
||
| 429 | { |
||
| 430 | $_SESSION = []; |
||
| 431 | if ($renew) { |
||
| 432 | $this->renew(); |
||
| 433 | } |
||
| 434 | } |
||
| 435 | |||
| 436 | /** |
||
| 437 | * Returns whether a session exists |
||
| 438 | * |
||
| 439 | * @return bool |
||
| 440 | */ |
||
| 441 | public function exists() |
||
| 442 | { |
||
| 443 | return !ini_get('session.use_cookies') |
||
| 444 | || isset($_COOKIE[session_name()]) |
||
| 445 | || $this->isCLI |
||
| 446 | || (ini_get('session.use_trans_sid') && isset($_GET[session_name()])); |
||
| 447 | } |
||
| 448 | |||
| 449 | /** |
||
| 450 | * Restarts this session. |
||
| 451 | * |
||
| 452 | * @return void |
||
| 453 | */ |
||
| 454 | public function renew(): void |
||
| 474 | } |
||
| 475 | } |
||
| 476 | |||
| 477 | /** |
||
| 478 | * Returns true if the session is no longer valid because the last time it was |
||
| 479 | * accessed was after the configured timeout. |
||
| 480 | * |
||
| 481 | * @return bool |
||
| 482 | */ |
||
| 483 | public function hasExpired(): bool |
||
| 484 | { |
||
| 485 | $time = $this->read('Config.time'); |
||
| 496 | } |
||
| 497 | |||
| 498 | /** |
||
| 499 | * @link https://medium.com/@assertchris/dot-notation-3fd3e42edc61 |
||
| 500 | */ |
||
| 501 | protected function getFromArray($array, string $key, $default = null) |
||
| 502 | { |
||
| 503 | if (is_null($key)) { |
||
| 504 | return $array; |
||
| 505 | } |
||
| 506 | |||
| 507 | if (isset($array[$key])) { |
||
| 508 | return $array[$key]; |
||
| 509 | } |
||
| 510 | |||
| 511 | foreach (explode('.', $key) as $segment) { |
||
| 512 | if (!is_array($array) || |
||
| 513 | !array_key_exists($segment, $array)) { |
||
| 514 | return $default; |
||
| 515 | } |
||
| 516 | |||
| 517 | $array = $array[$segment]; |
||
| 518 | } |
||
| 519 | |||
| 520 | return $array; |
||
| 521 | } |
||
| 522 | |||
| 523 | /** |
||
| 524 | * @link https://medium.com/@assertchris/dot-notation-3fd3e42edc61 |
||
| 525 | */ |
||
| 526 | protected function setToArray(&$array, string $key, $value) |
||
| 547 | } |
||
| 548 | } |
||
| 549 |
Loading history...