vperyod/session-handler

PSR7 Aura\Session Handler

Maintainers

Details

github.com/vperyod/vperyod.session-handler

Homepage

Source

Issues

Installs: 154

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 0

Open Issues: 0

0.3.0 2017-11-06 19:36 UTC

Requires

Requires (Dev)

MIT cb630fca33bf5ca5cbf30c41647db6645c16cc51

  • jake johns <jake.woop@jakejohns.net>

This package is auto-updated.

Last update: 2024-03-29 03:37:45 UTC

README

Aura\Session handler middleware

Latest version Build Status Coverage Status Quality Score

Installation

composer require vperyod/session-handler

Usage

See Aura\Session documentation.

Basic Session

<?php
// Create handler, optionally passing Aura\SessionFactory instance
$handler = new Vperyod\SessionHandler\SessionHandler($sessionFactory);

// Optionally set the `SessionAttribute`, the name of the attribute on which to
// store the `Session` in the `Request`. Defaults to 'aura/session:session'
$handler->setSessionAttribute('session');

// Add to your middleware stack, radar, relay, etc.
$stack->middleware($handler);

// Subsequest dealings with `Request` will have the `Session` instance available at
// the previous specified atribute
$session = $request->getAttribute('session');


// The `SessionRequestAwareTrait` should make dealings easier.
//
// Have all your objects that deal with the session attribute on the request use
// the `SessionRequestAwareTrait` and have your DI container use the setter, so that
// they all know where the session object is stored.

class MyMiddleware
{
    use \Vperyod\SessionHandler\SessionRequestAwareTrait;

    public function __invoke($request, $response, $next)
    {
        $session = $this->getSession($request);
        // ... do stuff with session...
        return $next($request, $response);
    }
}

// Getting input for an action from a session
class MyInputExtractor
{

    use \Vperyod\SessionHandler\SessionRequestAwareTrait;

    public function __invoke($request)
    {
        return [
            'session' => $this->getSession($request),
            'data' => $request->getParsedBody()
        ];
    }
}

// Flash messaging in a responder
class MyAbstractResponder
{
    use \Vperyod\SessionHandler\SessionRequestAwareTrait;

    //...

    public function success()
    {
        $this->getSession($this->request)
            ->getSegment('My\\Messages')
            ->setFlash('message', 'You have Successfully Done Something!');
        return $this->redirect();
    }

    public function renderView()
    {
        $messages = $this->getSession($this->request)
            ->getSegment('My\\Messages')
            ->getFlash('message');
        $this->view->addData(['messages' => $messages]);
        // ...
    }
}

CSRF Handler

use \Vperyod\SessionHandler\SessionHandler;
use \Vperyod\SessionHandler\CsrfHandler;


$csrfFail = function ($request, $response, $next) {
    $response->getBody()->write('FAIL');
    return $response;
}

$session = new SessionHandler();
$csrf = new CsrfHandler($csrfFail); // optionally pass a fail responder callable

$stack->middleware($session); // make sure sesison handler is first
$stack->middleware($csrf);


// SessionRequestAwareTrait will provide methods for passing CSRF info to View

class MyAbstractResponder
{
    use SessionRequestAwareTrait;

    public function renderView()
    {
        // ...
        $this->view->addData(['csrf' => $this->getCsrfSpec()]);
        // [
        //      'type' => 'hidden',
        //      'name' => '__csrf_token',
        //      'value' => $csrfValue
        // ]
        // ...
    }
}

// in view using aura/html
$this->input($this->csrf);