fix: session not persisting
This commit is contained in:
parent
3520d1ca23
commit
d50d4b0aab
3 changed files with 22 additions and 8 deletions
|
@ -52,7 +52,6 @@ if (file_exists($configPath)) {
|
|||
session_start(
|
||||
array(
|
||||
'name' => 'wishthis',
|
||||
'cookie_lifetime' => \ini_get('session.gc_maxlifetime') ?: 1440,
|
||||
)
|
||||
);
|
||||
|
||||
|
|
|
@ -249,7 +249,7 @@ class User
|
|||
*/
|
||||
public function isLoggedIn(): bool
|
||||
{
|
||||
if (!isset($_COOKIE['wishthis'])) {
|
||||
if (!isset($_COOKIE['wishthis'], $_COOKIE['wishthis_session'])) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -267,7 +267,7 @@ class User
|
|||
FROM `sessions`
|
||||
WHERE `session` = :session',
|
||||
array(
|
||||
'session' => $_COOKIE['wishthis'],
|
||||
'session' => $_COOKIE['wishthis_session'],
|
||||
)
|
||||
)
|
||||
->fetch();
|
||||
|
@ -447,6 +447,9 @@ class User
|
|||
|
||||
session_destroy();
|
||||
unset($_SESSION);
|
||||
|
||||
/** Delete cookie */
|
||||
\setcookie('wishthis_session', '', time() - 3600);
|
||||
}
|
||||
|
||||
public function delete(): void
|
||||
|
@ -554,13 +557,16 @@ class User
|
|||
|
||||
public function refreshSession(int $forUser = 0): void
|
||||
{
|
||||
$sessionId = $_COOKIE['wishthis'];
|
||||
$sessionDurationSeconds = \ini_get('session.gc_maxlifetime') ?: 1440;
|
||||
$sessionId = $_COOKIE['wishthis_session']
|
||||
?? \password_hash(\bin2hex(\random_bytes(32)), \PASSWORD_BCRYPT);
|
||||
$sessionDurationSeconds = 1440;
|
||||
|
||||
if ($this->stayLoggedIn) {
|
||||
$sessionDurationSeconds = 31104000; // One year
|
||||
$sessionDurationSeconds = 7776000; /** Three months */
|
||||
}
|
||||
|
||||
$sessionExpires = time() + $sessionDurationSeconds;
|
||||
|
||||
if (0 === $forUser) {
|
||||
$forUser = $this->id;
|
||||
}
|
||||
|
@ -573,6 +579,10 @@ class User
|
|||
);
|
||||
$database->connect();
|
||||
|
||||
/** Create cookie */
|
||||
\setcookie('wishthis_session', $sessionId, $sessionExpires, '/');
|
||||
$_COOKIE['wishthis_session'] = $sessionId;
|
||||
|
||||
/** Delete outdated sessions */
|
||||
$database
|
||||
->query(
|
||||
|
@ -602,7 +612,7 @@ class User
|
|||
WHERE `session` = :session
|
||||
AND `user` = :user',
|
||||
array(
|
||||
'expires' => date('Y-m-d H:i', time() + $sessionDurationSeconds),
|
||||
'expires' => date('Y-m-d H:i', $sessionExpires),
|
||||
'session' => $sessionId,
|
||||
'user' => $forUser,
|
||||
)
|
||||
|
|
5
src/update/1-1-1.sql
Normal file
5
src/update/1-1-1.sql
Normal file
|
@ -0,0 +1,5 @@
|
|||
/**
|
||||
* Sessions
|
||||
*/
|
||||
ALTER TABLE `sessions`
|
||||
CHANGE COLUMN `session` `session` VARCHAR(60) NOT NULL;
|
Loading…
Reference in a new issue