use Psr\Log\LoggerInterface;
use BagOStuff;
+use CachedBagOStuff;
use Config;
use FauxRequest;
use Language;
/** @var Config */
private $config;
- /** @var BagOStuff|null */
+ /** @var CachedBagOStuff|null */
private $store;
/** @var SessionProvider[] */
// Someone used session_id(), so we need to follow suit.
// Note this overwrites whatever session might already be
// associated with $request with the one for $id.
- self::$globalSession = self::singleton()->getSessionById( $id, false, $request );
+ self::$globalSession = self::singleton()->getSessionById( $id, true, $request )
+ ?: $request->getSession();
}
}
return self::$globalSession;
'$options[\'store\'] must be an instance of BagOStuff'
);
}
- $this->store = $options['store'];
+ $store = $options['store'];
} else {
- $this->store = \ObjectCache::getInstance( $this->config->get( 'SessionCacheType' ) );
- $this->store->setLogger( $this->logger );
+ $store = \ObjectCache::getInstance( $this->config->get( 'SessionCacheType' ) );
+ $store->setLogger( $this->logger );
}
+ $this->store = $store instanceof CachedBagOStuff ? $store : new CachedBagOStuff( $store );
register_shutdown_function( array( $this, 'shutdown' ) );
}
$this->logger = $logger;
}
- public function getPersistedSessionId( WebRequest $request ) {
- $info = $this->getSessionInfoForRequest( $request );
- if ( $info && $info->wasPersisted() ) {
- return $info->getId();
- } else {
- return null;
- }
- }
-
public function getSessionForRequest( WebRequest $request ) {
$info = $this->getSessionInfoForRequest( $request );
return $session;
}
- public function getSessionById( $id, $noEmpty = false, WebRequest $request = null ) {
+ public function getSessionById( $id, $create = false, WebRequest $request = null ) {
if ( !self::validateSessionId( $id ) ) {
throw new \InvalidArgumentException( 'Invalid session ID' );
}
}
}
- if ( !$noEmpty && $session === null ) {
+ if ( $create && $session === null ) {
$ex = null;
try {
$session = $this->getEmptySessionInternal( $request, $id );
$ex->getMessage() );
$session = null;
}
- if ( $session === null ) {
- throw new \UnexpectedValueException(
- 'Can neither load the session nor create an empty session', 0, $ex
- );
- }
}
return $session;
// @codeCoverageIgnoreEnd
}
+ # Notify AuthPlugin
+ $tmpUser = $user;
+ $wgAuth->initUser( $tmpUser, true );
+ if ( $tmpUser !== $user ) {
+ $logger->warning( __METHOD__ . ': ' .
+ get_class( $wgAuth ) . '::initUser() replaced the user object' );
+ }
+
# Notify hooks (e.g. Newuserlog)
\Hooks::run( 'AuthPluginAutoCreate', array( $user ) );
\Hooks::run( 'LocalUserCreated', array( $user, true ) );
+ $user->saveSettings();
+
# Update user count
\DeferredUpdates::addUpdate( new \SiteStatsUpdate( 0, 0, 0, 0, 1 ) );
public function preventSessionsForUser( $username ) {
$this->preventUsers[$username] = true;
- // Reset the user's token to kill existing sessions
- $user = User::newFromName( $username );
- if ( $user && $user->getToken() ) {
- $user->setToken( true );
- $user->saveSettings();
- }
-
// Instruct the session providers to kill any other sessions too.
foreach ( $this->getProviders() as $provider ) {
$provider->preventSessionsForUser( $username );
* @return bool Whether the session info matches the stored data (if any)
*/
private function loadSessionInfoFromStore( SessionInfo &$info, WebRequest $request ) {
- $blob = $this->store->get( wfMemcKey( 'MWSession', $info->getId() ) );
+ $key = wfMemcKey( 'MWSession', $info->getId() );
+ $blob = $this->store->get( $key );
$newParams = array();
// Sanity check: blob must be an array, if it's saved at all
if ( !is_array( $blob ) ) {
$this->logger->warning( "Session $info: Bad data" );
+ $this->store->delete( $key );
return false;
}
!isset( $blob['metadata'] ) || !is_array( $blob['metadata'] )
) {
$this->logger->warning( "Session $info: Bad data structure" );
+ $this->store->delete( $key );
return false;
}
!array_key_exists( 'provider', $metadata )
) {
$this->logger->warning( "Session $info: Bad metadata" );
+ $this->store->delete( $key );
return false;
}
$newParams['provider'] = $provider = $this->getProvider( $metadata['provider'] );
if ( !$provider ) {
$this->logger->warning( "Session $info: Unknown provider, " . $metadata['provider'] );
+ $this->store->delete( $key );
return false;
}
} elseif ( $metadata['provider'] !== (string)$provider ) {
if ( !empty( $metadata['forceHTTPS'] ) && !$info->forceHTTPS() ) {
$newParams['forceHTTPS'] = true;
}
+ if ( !empty( $metadata['persisted'] ) && !$info->wasPersisted() ) {
+ $newParams['persisted'] = true;
+ }
if ( !$info->isIdSafe() ) {
$newParams['idIsSafe'] = true;