6 use Elgg\Traits\TimeUsing;
29 public $_callable_elgg_set_cookie =
'elgg_set_cookie';
43 protected \
Elgg\Security\Crypto $crypto,
47 $global_cookies_config =
$config->getCookieConfig();
49 $this->cookie_config = $global_cookies_config[
'remember_me'];
50 $this->cookie_token =
$request->cookies->get($this->cookie_config[
'name'],
'');
61 $token = $this->generateToken();
62 $hash = $this->hashToken(
$token);
64 $this->cookie_table->insertHash(
$user, $hash);
66 $this->setSessionToken(
$token);
75 if ($this->cookie_token) {
76 $client_hash = $this->hashToken($this->cookie_token);
77 $this->cookie_table->deleteHash($client_hash);
81 $this->setSessionToken(
'');
93 $this->cookie_table->deleteAllHashes(
$subject);
94 if (!$modifier || ($modifier->guid !==
$subject->guid) || !$this->cookie_token) {
98 $this->makeLoginPersistent(
$subject);
108 if (!$this->cookie_token) {
113 $user = $this->getUserFromToken($this->cookie_token);
115 $this->setSessionToken($this->cookie_token);
120 $this->setCookie(
'');
136 $hash = $this->hashToken(
$token);
141 $user_row = $this->cookie_table->getRowFromHash($hash);
142 if (empty($user_row)) {
158 if (!$this->cookie_token) {
164 $this->cookie_table->updateHash(
$user, $this->hashToken($this->cookie_token));
167 $this->setCookie($this->cookie_token);
182 $expires = Values::normalizeTime($this->cookie_config[
'expire']);
186 if (
$time->getTimestamp() > time()) {
190 return (
bool) $this->cookie_table->deleteExpiredHashes(
$time->getTimestamp());
214 $cookie = new \
ElggCookie($this->cookie_config[
'name']);
215 foreach ([
'expire',
'path',
'domain',
'secure',
'httpOnly'] as
$key) {
216 $cookie->$key = $this->cookie_config[strtolower(
$key)];
221 $cookie->expire = $this->getCurrentTime(
'-30 days')->getTimestamp();
224 call_user_func($this->_callable_elgg_set_cookie, $cookie);
236 $this->session->set(
'code',
$token);
238 $this->session->remove(
'code');
251 return 'z' . $this->crypto->getRandomString(31);
// Action registry: maps each action name to its registration options.
//
// Access values that appear in this map: 'admin', 'logged_out' and 'public'.
// Entries registered as [] set no explicit 'access' and therefore depend on
// the framework default (presumably "logged-in users only" -- confirm against
// the action registration code).
//
// NOTE(review): the 'access' value only decides WHO may reach an action. It
// does not show whether the caller may act on the particular entity, user or
// widget named in the request; that check presumably lives in each action
// handler -- verify when auditing the [] entries such as entity/delete.
return [
    // --- Site administration: every entry but one is restricted to admins.
    'admin/delete_admin_notices' => ['access' => 'admin'],
    'admin/menu/save' => ['access' => 'admin'],
    'admin/plugins/activate' => ['access' => 'admin'],
    'admin/plugins/activate_all' => ['access' => 'admin'],
    'admin/plugins/deactivate' => ['access' => 'admin'],
    'admin/plugins/deactivate_all' => ['access' => 'admin'],
    'admin/plugins/set_priority' => ['access' => 'admin'],
    'admin/security/security_txt' => ['access' => 'admin'],
    'admin/security/settings' => ['access' => 'admin'],
    'admin/security/regenerate_site_secret' => ['access' => 'admin'],
    'admin/site/cache/invalidate' => ['access' => 'admin'],
    'admin/site/flush_cache' => ['access' => 'admin'],
    'admin/site/icons' => ['access' => 'admin'],
    'admin/site/set_maintenance_mode' => ['access' => 'admin'],
    'admin/site/set_robots' => ['access' => 'admin'],
    'admin/site/theme' => ['access' => 'admin'],
    'admin/site/unlock_upgrade' => ['access' => 'admin'],
    'admin/site/settings' => ['access' => 'admin'],
    'admin/upgrade' => ['access' => 'admin'],
    'admin/upgrade/reset' => ['access' => 'admin'],
    'admin/user/ban' => ['access' => 'admin'],
    'admin/user/bulk/ban' => ['access' => 'admin'],
    'admin/user/bulk/delete' => ['access' => 'admin'],
    'admin/user/bulk/unban' => ['access' => 'admin'],
    'admin/user/bulk/validate' => ['access' => 'admin'],
    'admin/user/change_email' => ['access' => 'admin'],
    'admin/user/delete' => ['access' => 'admin'],
    // Impersonation entry point: admin-only.
    'admin/user/login_as' => ['access' => 'admin'],
    // The only admin/* entry without 'access' => 'admin'. Presumably deliberate,
    // because the active session belongs to the impersonated (possibly
    // non-admin) user at that point -- confirm that the handler verifies an
    // impersonation is actually in progress.
    'admin/user/logout_as' => [],
    'admin/user/makeadmin' => ['access' => 'admin'],
    'admin/user/resetpassword' => ['access' => 'admin'],
    'admin/user/removeadmin' => ['access' => 'admin'],
    'admin/user/unban' => ['access' => 'admin'],
    'admin/user/validate' => ['access' => 'admin'],

    // --- Content and entity actions: no explicit access level.
    'annotation/delete' => [],
    'avatar/upload' => [],
    'comment/save' => [],
    'diagnostics/download' => ['access' => 'admin'],
    'entity/chooserestoredestination' => [],
    'entity/delete' => [],
    'entity/mute' => [],
    'entity/restore' => [],
    'entity/subscribe' => [],
    'entity/trash' => [],
    'entity/unmute' => [],
    'entity/unsubscribe' => [],

    // --- Authentication.
    'login' => ['access' => 'logged_out'],
    'logout' => [],

    // 'public' access: the access level does not require a logged-in caller, so
    // whatever authorises the request (presumably a signed link or one-time
    // code) has to be validated inside the handler -- confirm.
    'notifications/mute' => ['access' => 'public'],
    'plugins/settings/remove' => ['access' => 'admin'],
    'plugins/settings/save' => ['access' => 'admin'],
    'plugins/usersettings/save' => [],
    // Registration is limited to logged-out visitors and additionally passes
    // through the RegistrationAllowedGatekeeper middleware.
    'register' => [
        'access' => 'logged_out',
        'middleware' => [
            \Elgg\Router\Middleware\RegistrationAllowedGatekeeper::class,
        ],
    ],
    'river/delete' => [],
    'settings/notifications' => [],
    'settings/notifications/subscriptions' => [],
    // Password change and reset request are both 'public'; see the note on
    // 'notifications/mute' above about handler-side validation.
    'user/changepassword' => ['access' => 'public'],
    'user/requestnewpassword' => ['access' => 'public'],
    'useradd' => ['access' => 'admin'],
    'usersettings/save' => [],

    // --- Widgets.
    'widgets/add' => [],
    'widgets/delete' => [],
    'widgets/move' => [],
    'widgets/save' => [],
]
if(! $annotation instanceof ElggAnnotation) $time
Manage the users_remember_me_cookies table.
\Elgg\PersistentLoginService
setCookie(string $token)
Store the token in the client cookie (or remove the cookie)
generateToken()
Generate a random token (base 64 URL)
getUserFromToken(string $token)
Get a user from a persistent cookie token.
bootSession()
Boot the persistent login session, possibly returning the user who should be silently logged in.
setSessionToken(string $token)
Store the token in the session (or remove it from the session)
removePersistentLogin()
Remove the persisted login token from client and server.
makeLoginPersistent(\ElggUser $user)
Make the user's login persistent.
updateTokenUsage(\ElggUser $user)
Update the timestamp linked to a persistent cookie code; this indicates that the code was used recently.
__construct(protected UsersRememberMeCookiesTable $cookie_table, protected \ElggSession $session, protected \Elgg\Security\Crypto $crypto, \Elgg\Config $config, \Elgg\Http\Request $request)
Constructor.
hashToken(string $token)
Create a hash from the token.
removeExpiredTokens($time)
Remove all persistent codes from the database which have expired based on the cookie config.
handlePasswordChange(\ElggUser $subject, ?\ElggUser $modifier=null)
Handle a password change.
Functions for use as event handlers or other situations where you need a globally accessible callable...
$config
Advanced site settings, debugging section.
$subject
HTML body of an email.
get_user(int $guid)
Elgg users: functions to manage multiple or single users in an Elgg install.
if(isset($_COOKIE['elggperm'])) $session
if($container instanceof ElggGroup && $container->guid !=elgg_get_page_owner_guid()) $key
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.