PHP SessionInterface::isStarted方法代码示例

 /**
  * {@inheritdoc}
  */
 public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true)
 {
     // always set the session onto the request object.
     $request->setSession($this->session);
     // we only need to manage the session for the master request.
     // subrequests will have the session available anyways, but we will
     // be closing and setting the cookie for the master request only.
     if ($type !== HttpKernelInterface::MASTER_REQUEST) {
         return $this->kernel->handle($request, $type, $catch);
     }
     // the session may have been manually started before the middleware is
     // invoked - in this case, we cross our fingers and hope the session has
     // properly initialised itself
     if (!$this->session->isStarted()) {
         $this->initSession($request);
     }
     $response = $this->kernel->handle($request, $type, $catch);
     // if the session has started, save it and attach the session cookie. if
     // the session has not started, there is nothing to save and there is no
     // point in attaching a cookie to persist it.
     if ($this->session->isStarted()) {
         $this->closeSession($request, $response);
     }
     return $response;
 }

 /**
  * {@inheritdoc}
  */
 public function getData($key, $default = null)
 {
     if (!$this->session->isStarted()) {
         return $default;
     }
     return $this->session->get($key, $default);
 }

 /**
  * @return string
  */
 public function getHost()
 {
     if ($this->session->isStarted() && $this->session->has(self::OVERRIDE_HOST)) {
         return $this->session->get(self::OVERRIDE_HOST);
     }
     return parent::getHost();
 }

 /**
  * Add the session cookie to the response if it is started.
  *
  * @param FilterResponseEvent $event
  */
 public function onResponse(FilterResponseEvent $event)
 {
     if (!$event->isMasterRequest() || !$this->session->isStarted()) {
         return;
     }
     $this->session->save();
     $cookie = $this->generateCookie();
     $event->getResponse()->headers->setCookie($cookie);
 }

 public function onSiteAccessMatch(PostSiteAccessMatchEvent $event)
 {
     if (!($event->getRequestType() === HttpKernelInterface::MASTER_REQUEST && isset($this->session) && !$this->session->isStarted() && $this->sessionStorage instanceof NativeSessionStorage)) {
         return;
     }
     $sessionOptions = (array) $this->configResolver->getParameter('session');
     $sessionName = isset($sessionOptions['name']) ? $sessionOptions['name'] : $this->session->getName();
     $sessionOptions['name'] = $this->getSessionName($sessionName, $event->getSiteAccess());
     $this->sessionStorage->setOptions($sessionOptions);
 }

 public function getConfig()
 {
     $sessionInfo = ['isStarted' => false];
     if ($this->session->isStarted()) {
         $sessionInfo['isStarted'] = true;
         $sessionInfo['name'] = $this->session->getName();
         $sessionInfo['identifier'] = $this->session->getId();
         $sessionInfo['csrfToken'] = $this->csrfTokenManager->getToken($this->csrfTokenIntention)->getValue();
         $sessionInfo['href'] = $this->generateUrl('ezpublish_rest_deleteSession', ['sessionId' => $this->session->getId()]);
     }
     return $sessionInfo;
 }

 public function onSiteAccessMatch(PostSiteAccessMatchEvent $event)
 {
     if (!$this->session || $event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
         return;
     }
     $sessionName = $this->session->getName();
     $request = $event->getRequest();
     if (!$this->session->isStarted() && !$request->hasPreviousSession() && $request->request->has($sessionName)) {
         $this->session->setId($request->request->get($sessionName));
         $this->session->start();
     }
 }

 /**
  * Handle errors thrown in the application.
  *
  * @param GetResponseForExceptionEvent $event
  */
 public function onKernelException(GetResponseForExceptionEvent $event)
 {
     $hasUser = $this->session->isStarted() && $this->session->has('authentication');
     if (!$hasUser && !$this->showWhileLoggedOff) {
         return;
     }
     $exception = $event->getException();
     ob_start();
     $this->whoops->handleException($exception);
     $response = ob_get_clean();
     $code = $exception instanceof HttpExceptionInterface ? $exception->getStatusCode() : Response::HTTP_INTERNAL_SERVER_ERROR;
     $event->setResponse(new Response($response, $code));
 }

 /**
  * @return string
  */
 public function getSessionId()
 {
     try {
         if ($this->startSession && !$this->session->isStarted()) {
             $this->session->start();
         }
         if ($this->session->isStarted()) {
             return $this->session->getId();
         }
     } catch (\RuntimeException $e) {
     }
     return self::SESSION_ID_UNKNOWN;
 }

 /**
  * Handle errors thrown in the application.
  *
  * Note:
  *   - We don't want to show Whoops! screens for requests that trigger a 404.
  *   - Our priority is set just above Symfony's, as we are giving up and
  *     displaying the error to the user, so that should be a low priority
  *     compared to error handlers that do something else.
  *
  * @param GetResponseForExceptionEvent $event
  */
 public function onKernelException(GetResponseForExceptionEvent $event)
 {
     // We (generally) do not want to show Whoops! screens when the user isn't logged on.
     $hasUser = $this->session->isStarted() && $this->session->has('authentication');
     if (!$hasUser && !$this->showWhileLoggedOff) {
         return;
     }
     // Register Whoops as an error handler
     $this->whoops->register();
     $exception = $event->getException();
     ob_start();
     $this->whoops->handleException($exception);
     $response = ob_get_clean();
     $code = $exception instanceof HttpExceptionInterface ? $exception->getStatusCode() : Response::HTTP_INTERNAL_SERVER_ERROR;
     $event->setResponse(new Response($response, $code));
 }

 /**
  * We will not allow tampering with sessions, so we make sure the current
  * session is still valid for the device on which it was created, and that
  * the username, and IP address, are still the same.
  *
  * 1. If user has a valid session and it is fresh, check against cookie:
  *    - If NOT a match refuse
  *    - If a match accept
  * 2. If user has a valid session and it is stale (>10 minutes), check the
  *    database records again:
  *    - If disabled refuse
  *    - If enabled
  *      - If NOT a match refuse
  *      - If a match accept
  *      - Update session data
  * 3. If user has no session check authtoken table entry (closed broswer):
  *    - If passed validity date refuse
  *    - If within validity date, hash username and IP against salt and
  *      compare to database:
  *      - If NOT a match refuse
  *      - If a match accept
  *
  * @param string $authCookie
  *
  * @throws AccessControlException
  *
  * @return boolean
  */
 public function isValidSession($authCookie)
 {
     if ($authCookie === null) {
         throw new AccessControlException('Can not validate session with an empty token.');
     }
     if ($this->validSession !== null) {
         return $this->validSession;
     }
     $check = false;
     $sessionAuth = null;
     /** @var \Bolt\AccessControl\Token\Token $sessionAuth */
     if ($this->session->isStarted() && ($sessionAuth = $this->session->get('authentication'))) {
         $check = $this->checkSessionStored($sessionAuth);
     }
     if (!$check) {
         // Either the session keys don't match, or the session is too old
         $check = $this->checkSessionDatabase($authCookie);
     }
     if ($check) {
         return $this->validSession = true;
     }
     $this->validSession = false;
     $this->systemLogger->debug("Clearing sessions for expired or invalid token: {$authCookie}", ['event' => 'authentication']);
     return $this->revokeSession();
 }

 /**
  * {@inheritdoc}
  */
 public function removeToken($tokenId)
 {
     if (!$this->session->isStarted()) {
         $this->session->start();
     }
     return $this->session->remove($this->namespace . '/' . $tokenId);
 }

 /**
  * Initializes session access for $_SESSION['FE_DATA'] and $_SESSION['BE_DATA'].
  */
 private function initializeLegacySessionAccess()
 {
     if (!$this->session->isStarted()) {
         return;
     }
     $_SESSION['BE_DATA'] = $this->session->getBag('contao_backend');
     $_SESSION['FE_DATA'] = $this->session->getBag('contao_frontend');
 }

 /**
  * Get the exception trace that is safe to display publicly
  *
  * @param Exception $exception
  *
  * @return array
  */
 protected function getSafeTrace(Exception $exception)
 {
     if (!$this->isDebug && !($this->session->isStarted() && $this->session->has('authentication'))) {
         return [];
     }
     $trace = $exception->getTrace();
     foreach ($trace as $key => $value) {
         if (!empty($value['file']) && strpos($value['file'], '/vendor/') > 0) {
             unset($trace[$key]['args']);
         }
         // Don't display the full path.
         if (isset($trace[$key]['file'])) {
             $trace[$key]['file'] = str_replace($this->rootPath, '[root]/', $trace[$key]['file']);
         }
     }
     return $trace;
 }

 public function __construct(SessionInterface $session)
 {
     if ($session->isStarted()) {
         $this->session = $session;
     } else {
         $sessionClass = get_class($session);
         $this->session = new $sessionClass(new PhpBridgeSessionStorage());
     }
 }