• laravel session 生命周期顶级边路


    laravel 自定义session存储逻辑生命周期发生了什么?

    位置:app/Http/Kernel.php

    
        /**
         * The application's route middleware groups.
         *
         * @var array
         */
        protected $middlewareGroups = [
            'web' => [
                \App\Http\Middleware\EncryptCookies::class,
                \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
                \Illuminate\Session\Middleware\StartSession::class,
                // \Illuminate\Session\Middleware\AuthenticateSession::class,
                \Illuminate\View\Middleware\ShareErrorsFromSession::class,
                \App\Http\Middleware\VerifyCsrfToken::class,
                \Illuminate\Routing\Middleware\SubstituteBindings::class,
            ],
    
            'api' => [
                'throttle:60,1',
                'bindings',
            ],
        ];
    
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21
    • 22

    关键位置:
    \Illuminate\Session\Middleware\StartSession::class
    顺便提一下 \App\Http\Middleware\EncryptCookies::class
    这个是加密解密cookie,保证数据完整性的逻辑代码部分,准备另起一篇cookie加密解密和保证数据完整性(不被篡改)进行记录

    关键代码:handle方法

        /**
         * Handle an incoming request.
         *
         * @param  \Illuminate\Http\Request  $request
         * @param  \Closure  $next
         * @return mixed
         */
        public function handle($request, Closure $next)
        {
            if (! $this->sessionConfigured()) {
                return $next($request);
            }
    
            // If a session driver has been configured, we will need to start the session here
            // so that the data is ready for an application. Note that the Laravel sessions
            // do not make use of PHP "native" sessions in any way since they are crappy.
            $request->setLaravelSession(
                $session = $this->startSession($request)
            );
    
            $this->collectGarbage($session);
    
            $response = $next($request);
    
            $this->storeCurrentUrl($request, $session);
    
            $this->addCookieToResponse($response, $session); 
    
            // Again, if the session has been configured we will need to close out the session
            // so that the attributes may be persisted to some storage medium. We will also
            // add the session identifier cookie to the application response headers now.
            $this->saveSession($request);
    
            return $response;
        }
    
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21
    • 22
    • 23
    • 24
    • 25
    • 26
    • 27
    • 28
    • 29
    • 30
    • 31
    • 32
    • 33
    • 34
    • 35

    从请求的cookie字段获取session文件名(sessionID)

    $request->setLaravelSession(
    $session = t h i s − > s t a r t S e s s i o n ( this->startSession( this>startSession(request)
    );

      /**
         * Start the session for the given request.
         *
         * @param  \Illuminate\Http\Request  $request
         * @return \Illuminate\Contracts\Session\Session
         */
        protected function startSession(Request $request)
        {
            return tap($this->getSession($request), function ($session) use ($request) {
                $session->setRequestOnHandler($request);
    
                $session->start();
            });
        }
    
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
        /**
         * Get the session implementation from the manager.
         *
         * @param  \Illuminate\Http\Request  $request
         * @return \Illuminate\Contracts\Session\Session
         */
        public function getSession(Request $request)
        {
            return tap($this->manager->driver(), function ($session) use ($request) {
                $session->setId($request->cookies->get($session->getName()));
            });
        }
    
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12

    $this->manager->driver() 返回是object(Illuminate\Session\Store)

    关键代码:

       $this->saveSession($request);
    
    • 1
      /**
         * Save the session data to storage.
         *
         * @param  \Illuminate\Http\Request  $request
         * @return void
         */
        protected function saveSession($request)
        {
            $this->manager->driver()->save();
        }
    
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10

    这里是存储session数据, $this->manager->driver()vendor/laravel/framework/src/Illuminate/Session/FileSessionHandler.php实体类
    这个类自定义了所有关于session存取逻辑,
    session存储数据(未序列化情况)

    array(5) {
      ["_token"]=>
      string(40) "kgPstXl3vtLj2qvCCZczYppGO8FNhx6E4PAQxgZf"
      ["url"]=>
      array(0) {
      }
      ["_previous"]=>
      array(1) {
        ["url"]=>
        string(32) "http://www.laravellearn.xyz/home"
      }
      ["_flash"]=>
      array(2) {
        ["old"]=>
        array(0) {
        }
        ["new"]=>
        array(0) {
        }
      }
      ["login_web_59ba36addc2b2f9401580f014c7f58ea4e30989d"]=>
      int(6) //登录用户数据库字段主键值
    }
    
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21
    • 22
    • 23

    未登录情况下没有login_web_.sha1(static::class)字段,login_web_sha1(static::class)用于用户的相关认证

    待续。。。
    如有不正确的请指正

  • 相关阅读:
    【网络安全产品】---下一代防火墙
    免费开放商用!Stability AI推轻量级AI绘画利器 Stable Diffusion 3.5 Medium模型
    vue2技能树(2)-模板语法、vue的工具链、渐进式框架
    湘潭大学 2023年下学期《C语言》作业0x04-循环2 XTU OJ 1182,1149,1213,1277,1343
    MySQL 事务常见面试题总结 | JavaGuide 审核中
    小程序添加悬浮在线客服源码
    Jest 如何支持异步及时间函数
    web当中的WebStorage详解
    Ajax基础概念和接口及Axios语法和FormData
    高速DSP系统设计参考指南(二)传输线(TL)效应
  • 原文地址:https://blog.csdn.net/qq_39586877/article/details/128185474