services/SessionService.php

<?php

namespace Grocy\Services;

class SessionService extends BaseService
{
	const SESSION_COOKIE_NAME = 'grocy_session';

	/**
	 * @return string
	 */
	public function CreateSession($userId, $stayLoggedInPermanently = false)
	{
		$newSessionKey = $this->GenerateSessionKey();
		$expires = date('Y-m-d H:i:s', intval(time() + 2592000));

		// Default is that sessions expire in 30 days
		if ($stayLoggedInPermanently === true)
		{
			$expires = date('Y-m-d H:i:s', PHP_INT_SIZE == 4 ? PHP_INT_MAX : PHP_INT_MAX >> 32); // Never
		}

		$sessionRow = $this->getDatabase()->sessions()->createRow([
			'user_id' => $userId,
			'session_key' => $newSessionKey,
			'expires' => $expires
		]);
		$sessionRow->save();

		return $newSessionKey;
	}

	public function GetDefaultUser()
	{
		return $this->getDatabase()->users(1);
	}

	public function GetUserBySessionKey($sessionKey)
	{
		$sessionRow = $this->getDatabase()->sessions()->where('session_key', $sessionKey)->fetch();
		if ($sessionRow !== null)
		{
			return $this->getDatabase()->users($sessionRow->user_id);
		}

		return null;
	}

	/**
	 * @return boolean
	 */
	public function IsValidSession($sessionKey)
	{
		if ($sessionKey === null || empty($sessionKey))
		{
			return false;
		}
		else
		{
			$sessionRow = $this->getDatabase()->sessions()->where('session_key = :1 AND expires > :2', $sessionKey, date('Y-m-d H:i:s', time()))->fetch();
			if ($sessionRow !== null)
			{
				// This should not change the database file modification time as this is used
				// to determine if REALLY something has changed
				$dbModTime = $this->getDatabaseService()->GetDbChangedTime();
				$sessionRow->update([
					'last_used' => date('Y-m-d H:i:s', time())
				]);
				$this->getDatabaseService()->SetDbChangedTime($dbModTime);

				return true;
			}
			else
			{
				return false;
			}
		}
	}

	public function RemoveSession($sessionKey)
	{
		$this->getDatabase()->sessions()->where('session_key', $sessionKey)->delete();
	}

	private function GenerateSessionKey()
	{
		return RandomString(50);
	}
}
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`<?php`

Reorganize project part 2 2018-04-11 19:49:35 +02:00			`namespace Grocy\Services;`

			`class SessionService extends BaseService`
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`{`
More authentication refactoring to also provide "plugable" credentials handling (references #921 , needed for #305 ) 2020-10-19 18:38:12 +02:00			`const SESSION_COOKIE_NAME = 'grocy_session';`

Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`/**`
			`* @return string`
			`*/`
			`public function CreateSession($userId, $stayLoggedInPermanently = false)`
			`{`
			`$newSessionKey = $this->GenerateSessionKey();`
			`$expires = date('Y-m-d H:i:s', intval(time() + 2592000));`

Applied PHP-CS-Fixer rules 2020-09-01 21:29:47 +02:00			`// Default is that sessions expire in 30 days`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`if ($stayLoggedInPermanently === true)`
			`{`
			`$expires = date('Y-m-d H:i:s', PHP_INT_SIZE == 4 ? PHP_INT_MAX : PHP_INT_MAX >> 32); // Never`
			`}`

			`$sessionRow = $this->getDatabase()->sessions()->createRow([`
			`'user_id' => $userId,`
			`'session_key' => $newSessionKey,`
			`'expires' => $expires`
			`]);`
			`$sessionRow->save();`

			`return $newSessionKey;`
			`}`

			`public function GetDefaultUser()`
			`{`
			`return $this->getDatabase()->users(1);`
			`}`

			`public function GetUserBySessionKey($sessionKey)`
			`{`
			`$sessionRow = $this->getDatabase()->sessions()->where('session_key', $sessionKey)->fetch();`
			`if ($sessionRow !== null)`
			`{`
			`return $this->getDatabase()->users($sessionRow->user_id);`
			`}`

			`return null;`
			`}`
Convert services to singletons and use lazy loading to improve performance (#479 ) 2020-03-01 23:47:47 +07:00
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`/**`
			`* @return boolean`
			`*/`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`public function IsValidSession($sessionKey)`
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`{`
			`if ($sessionKey === null \|\| empty($sessionKey))`
			`{`
			`return false;`
			`}`
			`else`
			`{`
Convert services to singletons and use lazy loading to improve performance (#479 ) 2020-03-01 23:47:47 +07:00			`$sessionRow = $this->getDatabase()->sessions()->where('session_key = :1 AND expires > :2', $sessionKey, date('Y-m-d H:i:s', time()))->fetch();`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`if ($sessionRow !== null)`
			`{`
Applied PHP-CS-Fixer rules 2020-09-01 21:29:47 +02:00			`// This should not change the database file modification time as this is used`
Fixed that `/api/system/db-changed-time` always returned the current time 2019-09-17 17:49:58 +02:00			`// to determine if REALLY something has changed`
Convert services to singletons and use lazy loading to improve performance (#479 ) 2020-03-01 23:47:47 +07:00			`$dbModTime = $this->getDatabaseService()->GetDbChangedTime();`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`$sessionRow->update([`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`'last_used' => date('Y-m-d H:i:s', time())`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`]);`
Convert services to singletons and use lazy loading to improve performance (#479 ) 2020-03-01 23:47:47 +07:00			`$this->getDatabaseService()->SetDbChangedTime($dbModTime);`
Fixed that `/api/system/db-changed-time` always returned the current time 2019-09-17 17:49:58 +02:00
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`return true;`
			`}`
			`else`
			`{`
			`return false;`
			`}`
Added option to stay logged in permanently 2018-09-24 13:16:57 +02:00			`}`
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`}`

Reorganize project part 2 2018-04-11 19:49:35 +02:00			`public function RemoveSession($sessionKey)`
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`{`
Convert services to singletons and use lazy loading to improve performance (#479 ) 2020-03-01 23:47:47 +07:00			`$this->getDatabase()->sessions()->where('session_key', $sessionKey)->delete();`
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`}`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00
			`private function GenerateSessionKey()`
			`{`
			`return RandomString(50);`
			`}`
Reorganize project part 1 2018-04-10 20:30:11 +02:00			`}`