
File catalog\controller\startup\session.php

docs/api/source-catalog.controller.startup.session.html

4.1.0.37.5 KB

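<?php
namespace Opencart\Catalog\Controller\Startup;
/**
 * Class Session
 *
 * Startup controller that creates the session library object, registers it
 * as 'session', and then either resumes an API session keyed by the
 * `api_token` query parameter or starts a cookie-backed session and sends
 * the session cookie.
 *
 * @package Opencart\Catalog\Controller\Startup
 */
class Session extends \Opencart\System\Engine\Controller {
	/**
	 * Start the session for the current request.
	 *
	 * Requests whose route begins with 'api/' and that carry an `api_token`
	 * query parameter take the API path and return without setting a cookie.
	 * All other requests start a session from the session cookie (or a new
	 * one when the cookie is absent) and re-send the cookie.
	 *
	 * @throws \Exception
	 *
	 * @return void
	 */
	public function index(): void {
		$session = new \Opencart\System\Library\Session($this->config->get('session_engine'), $this->registry);
		$this->registry->set('session', $session);

		if (isset($this->request->get['route']) && substr((string)$this->request->get['route'], 0, 4) === 'api/' && isset($this->request->get['api_token'])) {
			$this->load->model('setting/api');

			$this->model_setting_api->cleanSessions();

			// The token arrives in the query string, so it can end up in web-server
			// access logs and Referer headers; treat those as sensitive.
			$api_token = $this->request->get['api_token'];

			// Make sure the IP is allowed
			// NOTE(review): no IP comparison is visible in this method; presumably
			// getApiByToken() enforces the allow-list - confirm in the model.
			// A non-string token (e.g. api_token[]=x) is rejected without a lookup.
			$api_info = is_string($api_token) ? $this->model_setting_api->getApiByToken($api_token) : [];

			if ($api_info) {
				$this->session->start($api_token);

				$this->model_setting_api->updateSession($api_info['api_session_id']);
			}

			return;
		}

		/*
		We are adding the session cookie outside of the session class as I believe
		PHP messed up in a big way handling sessions. Why in the hell is it so hard to
		have more than one concurrent session using cookies!

		Is it not better to have multiple cookies when accessing parts of the system
		that requires different cookie sessions for security reasons.
		*/

		// Update the session lifetime
		if ($this->config->get('config_session_expire')) {
			$this->config->set('session_expire', $this->config->get('config_session_expire'));
		}

		// Update the session SameSite
		$this->config->set('session_samesite', $this->config->get('config_session_samesite'));

		$session_name = $this->config->get('session_name');

		// The cookie value is client-controlled. Anything that is not a plain
		// string (e.g. a cookie sent as name[]=x) is treated as "no session".
		// NOTE(review): format validation of the id is presumably done inside
		// Session::start() - confirm it rejects malformed ids.
		if (isset($this->request->cookie[$session_name]) && is_string($this->request->cookie[$session_name])) {
			$session_id = $this->request->cookie[$session_name];
		} else {
			$session_id = '';
		}

		$session->start($session_id);

		// $_SERVER['HTTPS'] may be missing, and IIS reports 'off' for plain
		// HTTP; neither should set the Secure attribute.
		$https = $this->request->server['HTTPS'] ?? false;

		$option = [
			// Use the effective lifetime set above. The original read
			// config_session_expire directly, so an unset value produced
			// expires = time() and a cookie that expired immediately.
			'expires'  => time() + (int)$this->config->get('session_expire'),
			'path'     => $this->config->get('session_path'),
			'secure'   => !empty($https) && $https !== 'off',
			// NOTE(review): httponly is false, so the session id is readable via
			// document.cookie and is exposed by any script-injection flaw. Set
			// this to true unless storefront JavaScript is known to read the
			// cookie - confirm before changing.
			'httponly' => false,
			'SameSite' => $this->config->get('session_samesite')
		];

		$this->response->addHeader('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');

		setcookie($session_name, $session->getId(), $option);
	}
}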
