class SessionStore implements StoreInterface, Serializable (View source)

This class provides an interface to store data in session during an MFA process. This is implemented as a measure to prevent bleeding state between individual MFA auth types

Constants

SESSION_KEY

Properties

protected Member $member

The member that is currently going through the MFA process

protected int $memberID

MemberID is only used on unserialising from session as we can defer the DB call for the member

protected string $method

A string representing the current authentication method that is underway

protected array $state

Any state that the current authentication method needs to retain while it is underway

protected string[] $verifiedMethods

The URL segment identifiers of methods that have been verified in this session

Methods

public
__construct(Member $member)

Attempt to create a store from the given request getting any existing state from the session of the request

public
Member|null
getMember()

No description

public
setMember(Member $member)

No description

public
string|null
getMethod()

No description

public
setMethod(string|null $method)

No description

public
array
getState()

Get the state from the store

public
setState(array $state)

Update the state in the store. Will override existing state. To add to the existing state use addState().

public
addState(array $state)

Add to the state in the store

public
addVerifiedMethod(string $method)

Add and keep track of methods that have been verified

public
array
getVerifiedMethods()

Get the list of methods that have been verified

public
save(HTTPRequest $request)

Save this store into the session of the given request

public static 
StoreInterface|null
load(HTTPRequest $request)

Load a StoreInterface from the given request and return it if it exists

public static 
void
clear(HTTPRequest $request)

Clear any stored values for the given request

protected
resetMethod()

"Reset" the method currently in progress by clearing the identifier and state

public
array
__serialize()

No description

public
void
__unserialize(array $data)

No description

public
string
serialize() deprecated

The __serialize() magic method will be automatically used instead of this

public
void
unserialize(string $serialized) deprecated

The __unserialize() magic method will be automatically used instead of this almost all the time This method will be automatically used if existing serialized data was not saved as an associative array and the PHP version used in less than PHP 9.0

Details

__construct(Member $member)

Attempt to create a store from the given request getting any existing state from the session of the request

{@inheritdoc}

Parameters

Member $member

Member|null getMember()

No description

Return Value

Member|null

StoreInterface setMember(Member $member)

No description

Parameters

Member $member

Return Value

StoreInterface

string|null getMethod()

No description

Return Value

string|null

StoreInterface setMethod(string|null $method)

No description

Parameters

string|null $method

Return Value

StoreInterface

array getState()

Get the state from the store

Return Value

array

StoreInterface setState(array $state)

Update the state in the store. Will override existing state. To add to the existing state use addState().

Parameters

array $state

Return Value

StoreInterface

StoreInterface addState(array $state)

Add to the state in the store

Parameters

array $state

Return Value

StoreInterface

StoreInterface addVerifiedMethod(string $method)

Add and keep track of methods that have been verified

Parameters

string $method

Return Value

StoreInterface

array getVerifiedMethods()

Get the list of methods that have been verified

Return Value

array

StoreInterface save(HTTPRequest $request)

Save this store into the session of the given request

{@inheritdoc}

Parameters

HTTPRequest $request

Return Value

StoreInterface

static StoreInterface|null load(HTTPRequest $request)

Load a StoreInterface from the given request and return it if it exists

Parameters

HTTPRequest $request

Return Value

StoreInterface|null

static void clear(HTTPRequest $request)

Clear any stored values for the given request

{@inheritdoc}

Parameters

HTTPRequest $request

Return Value

void

protected StoreInterface resetMethod()

"Reset" the method currently in progress by clearing the identifier and state

Return Value

StoreInterface

array __serialize()

No description

Return Value

array

void __unserialize(array $data)

No description

Parameters

array $data

Return Value

void

string serialize() deprecated

deprecated 4.7.0 Use __serialize() instead

The __serialize() magic method will be automatically used instead of this

Return Value

string

void unserialize(string $serialized) deprecated

deprecated 4.7.0 Use __unserialize() instead

The __unserialize() magic method will be automatically used instead of this almost all the time This method will be automatically used if existing serialized data was not saved as an associative array and the PHP version used in less than PHP 9.0

Parameters

string $serialized

Return Value

void