Elgg  Version master
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
Elgg\PersistentLoginService Class Reference

More...

Public Member Functions

 __construct (protected UsersRememberMeCookiesTable $cookie_table, protected\ElggSession $session, protected\Elgg\Security\Crypto $crypto,\Elgg\Config $config,\Elgg\Http\Request $request)
 Constructor. More...
 
 makeLoginPersistent (\ElggUser $user)
 Make the user's login persistent. More...
 
 removePersistentLogin ()
 Remove the persisted login token from client and server. More...
 
 handlePasswordChange (\ElggUser $subject,\ElggUser $modifier=null)
 Handle a password change. More...
 
 bootSession ()
 Boot the persistent login session, possibly returning the user who should be silently logged in. More...
 
 getUserFromToken (string $token)
 Get a user from a persistent cookie token. More...
 
 updateTokenUsage (\ElggUser $user)
 Update the timestamp linked to a persistent cookie code, this indicates that the code was used recently. More...
 
 removeExpiredTokens ($time)
 Remove all persistent codes from the database which have expired based on the cookie config. More...
 

Public Attributes

 $_callable_elgg_set_cookie = 'elgg_set_cookie'
 

Protected Member Functions

 hashToken (string $token)
 Create a hash from the token. More...
 
 setCookie (string $token)
 Store the token in the client cookie (or remove the cookie) More...
 
 setSessionToken (string $token)
 Store the token in the session (or remove it from the session) More...
 
 generateToken ()
 Generate a random token (base 64 URL) More...
 

Protected Attributes

array $cookie_config
 
string $cookie_token
 

Detailed Description

If a user selects a persistent login, a long, random token is generated and stored in the cookie called "elggperm", and a hash of the token is stored in the DB. If the user's PHP session expires, the session boot sequence will try to log the user in via the token in the cookie.

Definition at line 17 of file PersistentLoginService.php.

Constructor & Destructor Documentation

Elgg\PersistentLoginService::__construct ( protected UsersRememberMeCookiesTable  $cookie_table,
protected\ElggSession  $session,
protected\Elgg\Security\Crypto  $crypto,
\Elgg\Config  $config,
\Elgg\Http\Request  $request 
)

Constructor.

Parameters
UsersRememberMeCookiesTable$cookie_tableThe persistent cookie storage table
\ElggSession$sessionThe Elgg session
\Elgg\Security\Crypto$cryptoThe cryptography service
\Elgg\Config$configThe site configuration
\Elgg\Http\Request$requestThe request

Definition at line 40 of file PersistentLoginService.php.

Member Function Documentation

Elgg\PersistentLoginService::bootSession ( )

Boot the persistent login session, possibly returning the user who should be silently logged in.

Returns
|null

Definition at line 107 of file PersistentLoginService.php.

Elgg\PersistentLoginService::generateToken ( )
protected

Generate a random token (base 64 URL)

The first char is always "z" to indicate the value has more entropy than the previously generated ones.

Returns
string

Definition at line 250 of file PersistentLoginService.php.

Elgg\PersistentLoginService::getUserFromToken ( string  $token)

Get a user from a persistent cookie token.

Parameters
string$tokenthe cookie token
Returns
|null

Definition at line 131 of file PersistentLoginService.php.

Elgg\PersistentLoginService::handlePasswordChange ( \ElggUser  $subject,
\ElggUser  $modifier = null 
)

Handle a password change.

Parameters
\ElggUser$subjectThe user whose password changed
\ElggUser$modifierThe user who changed the password
Returns
void

Definition at line 92 of file PersistentLoginService.php.

Elgg\PersistentLoginService::hashToken ( string  $token)
protected

Create a hash from the token.

Parameters
string$tokenThe token to hash
Returns
string

Definition at line 200 of file PersistentLoginService.php.

Elgg\PersistentLoginService::makeLoginPersistent ( \ElggUser  $user)

Make the user's login persistent.

Parameters
\ElggUser$userThe user who logged in
Returns
void

Definition at line 60 of file PersistentLoginService.php.

Elgg\PersistentLoginService::removeExpiredTokens (   $time)

Remove all persistent codes from the database which have expired based on the cookie config.

Parameters
int | \DateTime | string$timethe base timestamp to use
Returns
bool

Definition at line 179 of file PersistentLoginService.php.

Elgg\PersistentLoginService::removePersistentLogin ( )

Remove the persisted login token from client and server.

Returns
void

Definition at line 74 of file PersistentLoginService.php.

Elgg\PersistentLoginService::setCookie ( string  $token)
protected

Store the token in the client cookie (or remove the cookie)

Parameters
string$tokenEmpty string to remove cookie
Returns
void

Definition at line 213 of file PersistentLoginService.php.

Elgg\PersistentLoginService::setSessionToken ( string  $token)
protected

Store the token in the session (or remove it from the session)

Parameters
string$tokenThe token to store in session. Empty string to remove.
Returns
void

Definition at line 234 of file PersistentLoginService.php.

Elgg\PersistentLoginService::updateTokenUsage ( \ElggUser  $user)

Update the timestamp linked to a persistent cookie code, this indicates that the code was used recently.

Parameters
\ElggUser$userthe user to update the cookie code for
Returns
bool|null

Definition at line 157 of file PersistentLoginService.php.

Member Data Documentation

Elgg\PersistentLoginService::$_callable_elgg_set_cookie = 'elgg_set_cookie'

Definition at line 29 of file PersistentLoginService.php.

array Elgg\PersistentLoginService::$cookie_config
protected

Definition at line 21 of file PersistentLoginService.php.

string Elgg\PersistentLoginService::$cookie_token
protected

Definition at line 23 of file PersistentLoginService.php.


The documentation for this class was generated from the following file: