Elgg  Version master
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
Elgg\PersistentLoginService Class Reference

More...

Public Member Functions

 __construct (UsersRememberMeCookiesTable $cookie_table,\ElggSession $session,\Elgg\Security\Crypto $crypto,\Elgg\Config $config,\Elgg\Http\Request $request)
 Constructor. More...
 
 makeLoginPersistent (\ElggUser $user)
 Make the user's login persistent. More...
 
 removePersistentLogin ()
 Remove the persisted login token from client and server. More...
 
 handlePasswordChange (\ElggUser $subject,\ElggUser $modifier=null)
 Handle a password change. More...
 
 bootSession ()
 Boot the persistent login session, possibly returning the user who should be silently logged in. More...
 
 getUserFromToken (string $token)
 Get a user from a persistent cookie token. More...
 
 updateTokenUsage (\ElggUser $user)
 Update the timestamp linked to a persistent cookie code, this indicates that the code was used recently. More...
 
 removeExpiredTokens ($time)
 Remove all persistent codes from the database which have expired based on the cookie config. More...
 

Public Attributes

 $_callable_elgg_set_cookie = 'elgg_set_cookie'
 

Protected Member Functions

 hashToken (string $token)
 Create a hash from the token. More...
 
 setCookie (string $token)
 Store the token in the client cookie (or remove the cookie) More...
 
 setSessionToken (string $token)
 Store the token in the session (or remove it from the session) More...
 
 generateToken ()
 Generate a random token (base 64 URL) More...
 

Protected Attributes

 $cookie_config
 
 $cookie_token
 
 $session
 
 $crypto
 
 $persistent_cookie_table
 

Detailed Description

If a user selects a persistent login, a long, random token is generated and stored in the cookie called "elggperm", and a hash of the token is stored in the DB. If the user's PHP session expires, the session boot sequence will try to log the user in via the token in the cookie.

Definition at line 17 of file PersistentLoginService.php.

Constructor & Destructor Documentation

Elgg\PersistentLoginService::__construct ( UsersRememberMeCookiesTable  $cookie_table,
\ElggSession  $session,
\Elgg\Security\Crypto  $crypto,
\Elgg\Config  $config,
\Elgg\Http\Request  $request 
)

Constructor.

Parameters
UsersRememberMeCookiesTable$cookie_tableThe persistent cookie storage table
\ElggSession$sessionThe Elgg session
\Elgg\Security\Crypto$cryptoThe cryptography service
\Elgg\Config$configThe site configuration
\Elgg\Http\Request$requestThe request

Definition at line 61 of file PersistentLoginService.php.

Member Function Documentation

Elgg\PersistentLoginService::bootSession ( )

Boot the persistent login session, possibly returning the user who should be silently logged in.

Returns
|null

Definition at line 131 of file PersistentLoginService.php.

Elgg\PersistentLoginService::generateToken ( )
protected

Generate a random token (base 64 URL)

The first char is always "z" to indicate the value has more entropy than the previously generated ones.

Returns
string

Definition at line 274 of file PersistentLoginService.php.

Elgg\PersistentLoginService::getUserFromToken ( string  $token)

Get a user from a persistent cookie token.

Parameters
string$tokenthe cookie token
Returns
|null

Definition at line 155 of file PersistentLoginService.php.

Elgg\PersistentLoginService::handlePasswordChange ( \ElggUser  $subject,
\ElggUser  $modifier = null 
)

Handle a password change.

Parameters
\ElggUser$subjectThe user whose password changed
\ElggUser$modifierThe user who changed the password
Returns
void

Definition at line 116 of file PersistentLoginService.php.

Elgg\PersistentLoginService::hashToken ( string  $token)
protected

Create a hash from the token.

Parameters
string$tokenThe token to hash
Returns
string

Definition at line 224 of file PersistentLoginService.php.

Elgg\PersistentLoginService::makeLoginPersistent ( \ElggUser  $user)

Make the user's login persistent.

Parameters
\ElggUser$userThe user who logged in
Returns
void

Definition at line 84 of file PersistentLoginService.php.

Elgg\PersistentLoginService::removeExpiredTokens (   $time)

Remove all persistent codes from the database which have expired based on the cookie config.

Parameters
int | \DateTime | string$timethe base timestamp to use
Returns
bool

Definition at line 203 of file PersistentLoginService.php.

Elgg\PersistentLoginService::removePersistentLogin ( )

Remove the persisted login token from client and server.

Returns
void

Definition at line 98 of file PersistentLoginService.php.

Elgg\PersistentLoginService::setCookie ( string  $token)
protected

Store the token in the client cookie (or remove the cookie)

Parameters
string$tokenEmpty string to remove cookie
Returns
void

Definition at line 237 of file PersistentLoginService.php.

Elgg\PersistentLoginService::setSessionToken ( string  $token)
protected

Store the token in the session (or remove it from the session)

Parameters
string$tokenThe token to store in session. Empty string to remove.
Returns
void

Definition at line 258 of file PersistentLoginService.php.

Elgg\PersistentLoginService::updateTokenUsage ( \ElggUser  $user)

Update the timestamp linked to a persistent cookie code, this indicates that the code was used recently.

Parameters
\ElggUser$userthe user to update the cookie code for
Returns
bool|null

Definition at line 181 of file PersistentLoginService.php.

Member Data Documentation

Elgg\PersistentLoginService::$_callable_elgg_set_cookie = 'elgg_set_cookie'

Definition at line 50 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$cookie_config
protected

Definition at line 24 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$cookie_token
protected

Definition at line 29 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$crypto
protected

Definition at line 39 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$persistent_cookie_table
protected

Definition at line 44 of file PersistentLoginService.php.

Elgg\PersistentLoginService::$session
protected

Definition at line 34 of file PersistentLoginService.php.


The documentation for this class was generated from the following file: