CookieStore
class CookieStore extends BaseStore (View source)
A session store which stores the session data in an encrypted & signed cookie.
This way the server doesn't need to open a database connection or have a shared filesystem for reading the session from - the client passes through the session with every request.
This approach does have some limitations - cookies can only be quite small (4K total, but we limit to 1K) and can only be set before the server starts sending a response.
So we clear the cookie on Session startup (which should always be before the headers get sent), but just fail on Session write if we can't use cookies, assuming there's something watching for that & providing a fallback
Traits
Provides extensions to this object to integrate it with standard config API methods.
Config options
| max_length | int | Maximum length of a cookie value in characters |
Properties
| protected | string|null | $key | Session secret key |
from BaseStore |
| protected | CryptoHandler|null | $crypto | Encryption service |
|
| protected | string | $cookie | Name of cookie |
|
| protected | string|null | $currentCookieData | Known unmodified value of this cookie. If the cookie backend has been read into the application, then the backend is unable to verify the modification state of this value internally within the system, so this will be left null unless written back. |
Methods
Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).
Gets the uninherited value for the given config option
Get the cryptography store for the specified session
Details
static Config_ForClass
config()
Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).
mixed
uninherited(string $name)
Gets the uninherited value for the given config option
void
setKey(string|null $key)
Assign a new session secret key
protected string|null
getKey()
Get the session secret key
protected int
getLifetime()
Get lifetime in number of seconds
protected int
getNow()
Gets the current unix timestamp
bool
open(string $save_path, string $name)
No description
bool
close()
No description
protected CryptoHandler|null
getCrypto(string $session_id)
Get the cryptography store for the specified session
string|false
read(string $session_id)
No description
protected bool
canWrite()
Determine if the session could be verifiably written to cookie storage
bool
write(string $session_id, string $session_data)
No description
bool
destroy(string $session_id)
No description
int|false
gc(int $maxlifetime)
No description