summaryrefslogtreecommitdiffstats
path: root/wp-includes/class-wp-user-meta-session-tokens.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--wp-includes/class-wp-user-meta-session-tokens.php133
1 files changed, 133 insertions, 0 deletions
diff --git a/wp-includes/class-wp-user-meta-session-tokens.php b/wp-includes/class-wp-user-meta-session-tokens.php
new file mode 100644
index 0000000..d2e2726
--- /dev/null
+++ b/wp-includes/class-wp-user-meta-session-tokens.php
@@ -0,0 +1,133 @@
+<?php
+/**
+ * Session API: WP_User_Meta_Session_Tokens class
+ *
+ * @package WordPress
+ * @subpackage Session
+ * @since 4.7.0
+ */
+
+/**
+ * Meta-based user sessions token manager.
+ *
+ * @since 4.0.0
+ *
+ * @see WP_Session_Tokens
+ */
+class WP_User_Meta_Session_Tokens extends WP_Session_Tokens {
+
+ /**
+ * Retrieves all sessions of the user.
+ *
+ * @since 4.0.0
+ *
+ * @return array Sessions of the user.
+ */
+ protected function get_sessions() {
+ $sessions = get_user_meta( $this->user_id, 'session_tokens', true );
+
+ if ( ! is_array( $sessions ) ) {
+ return array();
+ }
+
+ $sessions = array_map( array( $this, 'prepare_session' ), $sessions );
+ return array_filter( $sessions, array( $this, 'is_still_valid' ) );
+ }
+
+ /**
+ * Converts an expiration to an array of session information.
+ *
+ * @param mixed $session Session or expiration.
+ * @return array Session.
+ */
+ protected function prepare_session( $session ) {
+ if ( is_int( $session ) ) {
+ return array( 'expiration' => $session );
+ }
+
+ return $session;
+ }
+
+ /**
+ * Retrieves a session based on its verifier (token hash).
+ *
+ * @since 4.0.0
+ *
+ * @param string $verifier Verifier for the session to retrieve.
+ * @return array|null The session, or null if it does not exist
+ */
+ protected function get_session( $verifier ) {
+ $sessions = $this->get_sessions();
+
+ if ( isset( $sessions[ $verifier ] ) ) {
+ return $sessions[ $verifier ];
+ }
+
+ return null;
+ }
+
+ /**
+ * Updates a session based on its verifier (token hash).
+ *
+ * @since 4.0.0
+ *
+ * @param string $verifier Verifier for the session to update.
+ * @param array $session Optional. Session. Omitting this argument destroys the session.
+ */
+ protected function update_session( $verifier, $session = null ) {
+ $sessions = $this->get_sessions();
+
+ if ( $session ) {
+ $sessions[ $verifier ] = $session;
+ } else {
+ unset( $sessions[ $verifier ] );
+ }
+
+ $this->update_sessions( $sessions );
+ }
+
+ /**
+ * Updates the user's sessions in the usermeta table.
+ *
+ * @since 4.0.0
+ *
+ * @param array $sessions Sessions.
+ */
+ protected function update_sessions( $sessions ) {
+ if ( $sessions ) {
+ update_user_meta( $this->user_id, 'session_tokens', $sessions );
+ } else {
+ delete_user_meta( $this->user_id, 'session_tokens' );
+ }
+ }
+
+ /**
+ * Destroys all sessions for this user, except the single session with the given verifier.
+ *
+ * @since 4.0.0
+ *
+ * @param string $verifier Verifier of the session to keep.
+ */
+ protected function destroy_other_sessions( $verifier ) {
+ $session = $this->get_session( $verifier );
+ $this->update_sessions( array( $verifier => $session ) );
+ }
+
+ /**
+ * Destroys all session tokens for the user.
+ *
+ * @since 4.0.0
+ */
+ protected function destroy_all_sessions() {
+ $this->update_sessions( array() );
+ }
+
+ /**
+ * Destroys all sessions for all users.
+ *
+ * @since 4.0.0
+ */
+ public static function drop_sessions() {
+ delete_metadata( 'user', 0, 'session_tokens', false, true );
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-13 16:26:31 +0000