Created
July 16, 2015 19:54
-
-
Save Akii/2176c39373027bb21fc2 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace Akii\RememberMe\Security\Authentication\Aspect; | |
| use Akii\RememberMe\Security\Authentication\Token\RememberMeToken; | |
| use TYPO3\Flow\Annotations as Flow; | |
| use TYPO3\Flow\Aop\JoinPointInterface; | |
| use TYPO3\Flow\Configuration\ConfigurationManager; | |
| use TYPO3\Flow\Http\Cookie; | |
| use TYPO3\Flow\Http\Request; | |
| use TYPO3\Flow\Http\Response; | |
| use TYPO3\Flow\Reflection\ObjectAccess; | |
| use TYPO3\Flow\Security\Authentication\AuthenticationProviderManager; | |
| use TYPO3\Flow\Security\Context; | |
| use TYPO3\Flow\Session\Session; | |
| /** | |
| * @Flow\Aspect | |
| */ | |
| class RememberMeAspect { | |
| /** | |
| * @var AuthenticationProviderManager | |
| * @Flow\Inject | |
| */ | |
| protected $authenticationManager; | |
| /** | |
| * @var Context | |
| * @Flow\Inject | |
| */ | |
| protected $securityContext; | |
| /** | |
| * @var string | |
| */ | |
| protected $sessionCookieName; | |
| /** | |
| * @var integer | |
| */ | |
| protected $sessionCookieLifetime = 0; | |
| /** | |
| * @var string | |
| */ | |
| protected $sessionCookieDomain; | |
| /** | |
| * @var string | |
| */ | |
| protected $sessionCookiePath; | |
| /** | |
| * @var boolean | |
| */ | |
| protected $sessionCookieSecure = TRUE; | |
| /** | |
| * @var boolean | |
| */ | |
| protected $sessionCookieHttpOnly = TRUE; | |
| /** | |
| * @var integer | |
| */ | |
| protected $inactivityTimeout; | |
| /** | |
| * Injects the Flow settings | |
| * | |
| * @param ConfigurationManager $configurationManager | |
| * @return void | |
| */ | |
| public function injectConfigurationManager(ConfigurationManager $configurationManager) { | |
| $settings = $configurationManager->getConfiguration(ConfigurationManager::CONFIGURATION_TYPE_SETTINGS, 'TYPO3.Flow'); | |
| $this->sessionCookieName = $settings['session']['name']; | |
| $this->sessionCookieLifetime = (integer)$settings['session']['cookie']['lifetime']; | |
| $this->sessionCookieDomain = $settings['session']['cookie']['domain']; | |
| $this->sessionCookiePath = $settings['session']['cookie']['path']; | |
| $this->sessionCookieSecure = (boolean)$settings['session']['cookie']['secure']; | |
| $this->sessionCookieHttpOnly = (boolean)$settings['session']['cookie']['httponly']; | |
| $this->inactivityTimeout = (integer)$settings['session']['inactivityTimeout']; | |
| } | |
| /** | |
| * @Flow\Around("method(TYPO3\Flow\Session\Session->start())") | |
| * @param JoinPointInterface $joinPoint | |
| * @throws \TYPO3\Flow\Reflection\Exception\PropertyNotAccessibleException | |
| * @throws \TYPO3\Flow\Session\Exception\InvalidRequestHandlerException | |
| * @return void | |
| */ | |
| public function startSession(JoinPointInterface $joinPoint) { | |
| /** @var Session $session */ | |
| $session = $joinPoint->getProxy(); | |
| $started = $session->isStarted(); | |
| // just let it do it's thing | |
| $joinPoint->getAdviceChain()->proceed($joinPoint); | |
| if ($started === TRUE) { | |
| return; | |
| } | |
| /** @var RememberMeToken $token */ | |
| $tokens = $this->securityContext->getAuthenticationTokensOfType(RememberMeToken::class); | |
| $token = array_shift($tokens); | |
| if ($token === NULL || $token->shouldRememberMe() === FALSE) { | |
| return; | |
| } | |
| $sessionIdentifier = ObjectAccess::getProperty($session, 'sessionIdentifier', TRUE); | |
| $cookieExpiration = time() + 60 * 24 * 7; // 7 days | |
| $sessionCookie = new Cookie($this->sessionCookieName, $sessionIdentifier, $cookieExpiration, $this->sessionCookieLifetime, $this->sessionCookieDomain, $this->sessionCookiePath, $this->sessionCookieSecure, $this->sessionCookieHttpOnly); | |
| ObjectAccess::setProperty($session, 'sessionCookie', $sessionCookie, TRUE); | |
| $response = ObjectAccess::getProperty($session, 'response', TRUE); | |
| $response->setCookie($sessionCookie); | |
| } | |
| /** | |
| * @Flow\Around("method(TYPO3\Flow\Session\Session->resume())") | |
| * @param JoinPointInterface $joinPoint | |
| * @throws \TYPO3\Flow\Reflection\Exception\PropertyNotAccessibleException | |
| * @throws \TYPO3\Flow\Session\Exception\InvalidRequestHandlerException | |
| * @return void | |
| */ | |
| public function resumeSession(JoinPointInterface $joinPoint) { | |
| /** @var Session $session */ | |
| $session = $joinPoint->getProxy(); | |
| $joinPoint->getAdviceChain()->proceed($joinPoint); | |
| /** @var Request $request */ | |
| $request = ObjectAccess::getProperty($session, 'request', TRUE); | |
| /** @var Response $response */ | |
| $response = ObjectAccess::getProperty($session, 'response', TRUE); | |
| if ($request->hasCookie($this->sessionCookieName)) { | |
| $response->removeCookie($this->sessionCookieName); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment