PluginProbe ʕ •ᴥ•ʔ
Matomo Analytics – Powerful, Privacy-First Insights for WordPress / 1.3.1
Matomo Analytics – Powerful, Privacy-First Insights for WordPress v1.3.1
5.11.1 5.11.0 5.10.2 5.10.1 trunk 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.3.2 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.1.0 4.1.1 4.1.2 4.1.3 4.10.0 4.11.0 4.12.0 4.13.0 4.13.2 4.13.3 4.13.4 4.13.5 4.14.0 4.14.1 4.14.2 4.15.0 4.15.1 4.15.2 4.15.3 4.2.0 4.3.0 4.3.1 4.4.1 4.4.2 4.5.0 4.6.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.10.0 5.2.0 5.2.1 5.2.2 5.3.0 5.3.1 5.3.2 5.3.3 5.6.0 5.6.1 5.7.0 5.7.1 5.8.0 5.8.1 5.8.2
matomo / app / core / Session / SessionInitializer.php
matomo / app / core / Session Last commit date
SaveHandler 6 years ago SessionAuth.php 6 years ago SessionFingerprint.php 6 years ago SessionInitializer.php 6 years ago SessionNamespace.php 6 years ago
SessionInitializer.php
118 lines
1 <?php
2 /**
3 * Piwik - free/libre analytics platform
4 *
5 * @link https://matomo.org
6 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
7 *
8 */
9 namespace Piwik\Session;
10
11 use Exception;
12 use Piwik\Auth as AuthInterface;
13 use Piwik\AuthResult;
14 use Piwik\Piwik;
15 use Piwik\Session;
16
17 /**
18 * Initializes authenticated sessions using an Auth implementation.
19 */
20 class SessionInitializer
21 {
22 /**
23 * Authenticates the user and, if successful, initializes an authenticated session.
24 *
25 * @param \Piwik\Auth $auth The Auth implementation to use.
26 * @throws Exception If authentication fails or the user is not allowed to login for some reason.
27 */
28 public function initSession(AuthInterface $auth)
29 {
30 $this->regenerateSessionId();
31
32 $authResult = $this->doAuthenticateSession($auth);
33
34 if (!$authResult->wasAuthenticationSuccessful()) {
35
36 Piwik::postEvent('Login.authenticate.failed', array($auth->getLogin()));
37
38 $this->processFailedSession();
39 } else {
40
41 Piwik::postEvent('Login.authenticate.successful', array($auth->getLogin()));
42
43 $this->processSuccessfulSession($authResult);
44 }
45 }
46
47 /**
48 * Authenticates the user.
49 *
50 * Derived classes can override this method to customize authentication logic or impose
51 * extra requirements on the user trying to login.
52 *
53 * @param AuthInterface $auth The Auth implementation to use when authenticating.
54 * @return AuthResult
55 */
56 protected function doAuthenticateSession(AuthInterface $auth)
57 {
58 Piwik::postEvent(
59 'Login.authenticate',
60 array(
61 $auth->getLogin(),
62 )
63 );
64
65 return $auth->authenticate();
66 }
67
68 /**
69 * Executed when the session could not authenticate.
70 *
71 * @throws Exception always.
72 */
73 protected function processFailedSession()
74 {
75 throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));
76 }
77
78 /**
79 * Executed when the session was successfully authenticated.
80 *
81 * @param AuthResult $authResult The successful authentication result.
82 */
83 protected function processSuccessfulSession(AuthResult $authResult)
84 {
85 $sessionIdentifier = new SessionFingerprint();
86 $sessionIdentifier->initialize($authResult->getIdentity(), $this->isRemembered());
87
88 /**
89 * @ignore
90 */
91 Piwik::postEvent('Login.authenticate.processSuccessfulSession.end', array($authResult->getIdentity()));
92 }
93
94 protected function regenerateSessionId()
95 {
96 Session::regenerateId();
97 }
98
99 /**
100 * Accessor to compute the hashed authentication token.
101 *
102 * @param string $login user login
103 * @param string $token_auth authentication token
104 * @return string hashed authentication token
105 * @deprecated
106 */
107 public static function getHashTokenAuth($login, $token_auth)
108 {
109 return md5($login . $token_auth);
110 }
111
112 private function isRemembered()
113 {
114 $cookieParams = session_get_cookie_params();
115 return $cookieParams['lifetime'] > 0;
116 }
117 }
118