1 개요[ | ]
- 라라벨 SessionGuard
<?php
namespace Illuminate\Auth;
use RuntimeException;
use Illuminate\Support\Str;
use Illuminate\Http\Response;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Contracts\Auth\StatefulGuard;
use Symfony\Component\HttpFoundation\Request;
use Illuminate\Contracts\Auth\SupportsBasicAuth;
use Illuminate\Contracts\Cookie\QueueingFactory as CookieJar;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
class SessionGuard implements StatefulGuard, SupportsBasicAuth
{
use GuardHelpers;
protected $name;
protected $lastAttempted;
protected $viaRemember = false;
protected $session;
protected $cookie;
protected $request;
protected $events;
protected $loggedOut = false;
protected $tokenRetrievalAttempted = false;
public function __construct($name,
UserProvider $provider,
SessionInterface $session,
Request $request = null)
{
$this->name = $name;
$this->session = $session;
$this->request = $request;
$this->provider = $provider;
}
public function user()
{
if ($this->loggedOut) {
return;
}
if (! is_null($this->user)) {
return $this->user;
}
$id = $this->session->get($this->getName());
$user = null;
if (! is_null($id)) {
if ($user = $this->provider->retrieveById($id)) {
$this->fireAuthenticatedEvent($user);
}
}
$recaller = $this->getRecaller();
if (is_null($user) && ! is_null($recaller)) {
$user = $this->getUserByRecaller($recaller);
if ($user) {
$this->updateSession($user->getAuthIdentifier());
$this->fireLoginEvent($user, true);
}
}
return $this->user = $user;
}
public function id()
{
if ($this->loggedOut) {
return;
}
$id = $this->session->get($this->getName());
if (is_null($id) && $this->user()) {
$id = $this->user()->getAuthIdentifier();
}
return $id;
}
protected function getUserByRecaller($recaller)
{
if ($this->validRecaller($recaller) && ! $this->tokenRetrievalAttempted) {
$this->tokenRetrievalAttempted = true;
list($id, $token) = explode('|', $recaller, 2);
$this->viaRemember = ! is_null($user = $this->provider->retrieveByToken($id, $token));
return $user;
}
}
protected function getRecaller()
{
return $this->request->cookies->get($this->getRecallerName());
}
protected function getRecallerId()
{
if ($this->validRecaller($recaller = $this->getRecaller())) {
return head(explode('|', $recaller));
}
}
protected function validRecaller($recaller)
{
if (! is_string($recaller) || ! Str::contains($recaller, '|')) {
return false;
}
$segments = explode('|', $recaller);
return count($segments) == 2 && trim($segments[0]) !== '' && trim($segments[1]) !== '';
}
public function once(array $credentials = [])
{
if ($this->validate($credentials)) {
$this->setUser($this->lastAttempted);
return true;
}
return false;
}
public function validate(array $credentials = [])
{
return $this->attempt($credentials, false, false);
}
public function basic($field = 'email', $extraConditions = [])
{
if ($this->check()) {
return;
}
if ($this->attemptBasic($this->getRequest(), $field, $extraConditions)) {
return;
}
return $this->getBasicResponse();
}
public function onceBasic($field = 'email', $extraConditions = [])
{
$credentials = $this->getBasicCredentials($this->getRequest(), $field);
if (! $this->once(array_merge($credentials, $extraConditions))) {
return $this->getBasicResponse();
}
}
protected function attemptBasic(Request $request, $field, $extraConditions = [])
{
if (! $request->getUser()) {
return false;
}
$credentials = $this->getBasicCredentials($request, $field);
return $this->attempt(array_merge($credentials, $extraConditions));
}
protected function getBasicCredentials(Request $request, $field)
{
return [$field => $request->getUser(), 'password' => $request->getPassword()];
}
protected function getBasicResponse()
{
$headers = ['WWW-Authenticate' => 'Basic'];
return new Response('Invalid credentials.', 401, $headers);
}
public function attempt(array $credentials = [], $remember = false, $login = true)
{
$this->fireAttemptEvent($credentials, $remember, $login);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
if ($this->hasValidCredentials($user, $credentials)) {
if ($login) {
$this->login($user, $remember);
}
return true;
}
if ($login) {
$this->fireFailedEvent($user, $credentials);
}
return false;
}
protected function hasValidCredentials($user, $credentials)
{
return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);
}
protected function fireAttemptEvent(array $credentials, $remember, $login)
{
if (isset($this->events)) {
$this->events->fire(new Events\Attempting(
$credentials, $remember, $login
));
}
}
protected function fireFailedEvent($user, array $credentials)
{
if (isset($this->events)) {
$this->events->fire(new Events\Failed($user, $credentials));
}
}
public function attempting($callback)
{
if (isset($this->events)) {
$this->events->listen(Events\Attempting::class, $callback);
}
}
public function login(AuthenticatableContract $user, $remember = false)
{
$this->updateSession($user->getAuthIdentifier());
if ($remember) {
$this->createRememberTokenIfDoesntExist($user);
$this->queueRecallerCookie($user);
}
$this->fireLoginEvent($user, $remember);
$this->setUser($user);
}
protected function fireLoginEvent($user, $remember = false)
{
if (isset($this->events)) {
$this->events->fire(new Events\Login($user, $remember));
}
}
protected function fireAuthenticatedEvent($user)
{
if (isset($this->events)) {
$this->events->fire(new Events\Authenticated($user));
}
}
protected function updateSession($id)
{
$this->session->set($this->getName(), $id);
$this->session->migrate(true);
}
public function loginUsingId($id, $remember = false)
{
$user = $this->provider->retrieveById($id);
if (! is_null($user)) {
$this->login($user, $remember);
return $user;
}
return false;
}
public function onceUsingId($id)
{
$user = $this->provider->retrieveById($id);
if (! is_null($user)) {
$this->setUser($user);
return $user;
}
return false;
}
protected function queueRecallerCookie(AuthenticatableContract $user)
{
$value = $user->getAuthIdentifier().'|'.$user->getRememberToken();
$this->getCookieJar()->queue($this->createRecaller($value));
}
protected function createRecaller($value)
{
return $this->getCookieJar()->forever($this->getRecallerName(), $value);
}
public function logout()
{
$user = $this->user();
$this->clearUserDataFromStorage();
if (! is_null($this->user)) {
$this->refreshRememberToken($user);
}
if (isset($this->events)) {
$this->events->fire(new Events\Logout($user));
}
$this->user = null;
$this->loggedOut = true;
}
protected function clearUserDataFromStorage()
{
$this->session->remove($this->getName());
if (! is_null($this->getRecaller())) {
$recaller = $this->getRecallerName();
$this->getCookieJar()->queue($this->getCookieJar()->forget($recaller));
}
}
protected function refreshRememberToken(AuthenticatableContract $user)
{
$user->setRememberToken($token = Str::random(60));
$this->provider->updateRememberToken($user, $token);
}
protected function createRememberTokenIfDoesntExist(AuthenticatableContract $user)
{
if (empty($user->getRememberToken())) {
$this->refreshRememberToken($user);
}
}
public function getCookieJar()
{
if (! isset($this->cookie)) {
throw new RuntimeException('Cookie jar has not been set.');
}
return $this->cookie;
}
public function setCookieJar(CookieJar $cookie)
{
$this->cookie = $cookie;
}
public function getDispatcher()
{
return $this->events;
}
public function setDispatcher(Dispatcher $events)
{
$this->events = $events;
}
public function getSession()
{
return $this->session;
}
public function getProvider()
{
return $this->provider;
}
public function setProvider(UserProvider $provider)
{
$this->provider = $provider;
}
public function getUser()
{
return $this->user;
}
public function setUser(AuthenticatableContract $user)
{
$this->user = $user;
$this->loggedOut = false;
$this->fireAuthenticatedEvent($user);
return $this;
}
public function getRequest()
{
return $this->request ?: Request::createFromGlobals();
}
public function setRequest(Request $request)
{
$this->request = $request;
return $this;
}
public function getLastAttempted()
{
return $this->lastAttempted;
}
public function getName()
{
return 'login_'.$this->name.'_'.sha1(static::class);
}
public function getRecallerName()
{
return 'remember_'.$this->name.'_'.sha1(static::class);
}
public function viaRemember()
{
return $this->viaRemember;
}
}
2 같이 보기[ | ]
3 참고[ | ]
로그인하시면 댓글을 쓸 수 있습니다.
{{ comment.name }}
{{ comment.created | snstime }}
-
{{comment.page_title}} ―{{comment.name}}