Cutelyst  2.13.0
Public Member Functions | Static Public Member Functions | List of all members
Cutelyst::Session Class Reference

#include <session.h>

Inheritance diagram for Cutelyst::Session:
Inheritance graph
[legend]

Public Member Functions

 Session (Application *parent)
 
void setStorage (SessionStore *store)
 
virtual bool setup (Application *app) final
 
SessionStorestorage () const
 
- Public Member Functions inherited from Cutelyst::Plugin
 Plugin (Application *parent)
 

Static Public Member Functions

static void changeExpires (Context *c, quint64 expires)
 
static QString deleteReason (Context *c)
 
static void deleteSession (Context *c, const QString &reason=QString())
 
static void deleteValue (Context *c, const QString &key)
 
static void deleteValues (Context *c, const QStringList &keys)
 
static quint64 expires (Context *c)
 
static QString id (Context *c)
 
static bool isValid (Context *c)
 
static void setValue (Context *c, const QString &key, const QVariant &value)
 
static QVariant value (Context *c, const QString &key, const QVariant &defaultValue=QVariant())
 

Detailed Description

Plugin providing methods for session management.

Configuration file options

There are some options you can set in your application configuration file in the Cutelyst_Session_Plugin section.

expires

Integer value, default: 7200

Expiration duration of the session in seconds.

verify_address

Boolean value, default: false

If enabled, the plugin will check if the IP address of the requesting user matches the address stored in the session data. In case of a mismatch, the session will be deleted.

verify_user_agent

Boolean value, default: false

If true, the plugin will check if the user agent of the requesting user matches the user agent stored in the session data. In case of a mismatch, the session will be deleted.

cookie_http_only

Boolean value, default: true

If true, the session cookie will have the httpOnly flag set so that the cookie is not accessible to JavaScript's Document.cookie API.

cookie_secure

Boolean value, default: false

If true, the session cookie will have the secure flag set so that the cookie is only sent to the server with an encrypted request over the HTTPS protocol.

Definition at line 105 of file session.h.

Constructor & Destructor Documentation

◆ Session()

Session::Session ( Cutelyst::Application parent)

Constructs a new session object with the given parent.

Definition at line 48 of file session.cpp.

Member Function Documentation

◆ changeExpires()

void Session::changeExpires ( Context c,
quint64  expires 
)
static

change the session expiration time for this session

Note that this only works to set the session longer than the config setting.

Definition at line 138 of file session.cpp.

References expires(), and id().

◆ deleteReason()

QString Session::deleteReason ( Context c)
static

This method contains a string with the reason a session was deleted. Possible values include:

  • session expired
  • address mismatch
  • user agent mismatch

Definition at line 160 of file session.cpp.

References Cutelyst::Context::stash().

◆ deleteSession()

void Session::deleteSession ( Context c,
const QString &  reason = QString() 
)
static

This method is used to invalidate a session. It takes an optional parameter which will be saved in deleteReason if provided.

NOTE: This method will also delete your flash data.

Definition at line 151 of file session.cpp.

◆ deleteValue()

void Session::deleteValue ( Context c,
const QString &  key 
)
static

Removes the session key.

Definition at line 203 of file session.cpp.

References Cutelyst::Context::setStash(), and Cutelyst::Context::stash().

◆ deleteValues()

void Session::deleteValues ( Context c,
const QStringList &  keys 
)
static

◆ expires()

quint64 Session::expires ( Context c)
static

This method returns the time when the current session will expire, or 0 if there is no current session. If there is a session and it already expired, it will delete the session and return 0 as well.

Definition at line 118 of file session.cpp.

References Cutelyst::Context::stash().

Referenced by changeExpires().

◆ id()

QString Session::id ( Cutelyst::Context c)
static

Returns the current session id or null if there is no current session

Definition at line 100 of file session.cpp.

References Cutelyst::Context::stash().

Referenced by changeExpires().

◆ isValid()

bool Session::isValid ( Cutelyst::Context c)
static

Returns true if the session is valid.

Definition at line 251 of file session.cpp.

◆ setStorage()

void Session::setStorage ( SessionStore store)

Sets the session storage

Definition at line 84 of file session.cpp.

◆ setup()

bool Session::setup ( Application app)
finalvirtual

Sets up the plugin and loads the configuration.

Reimplemented from Cutelyst::Plugin.

Definition at line 59 of file session.cpp.

References Cutelyst::Application::afterDispatch(), Cutelyst::Engine::config(), Cutelyst::Application::engine(), and Cutelyst::Application::postForked().

◆ setValue()

void Session::setValue ( Cutelyst::Context c,
const QString &  key,
const QVariant &  value 
)
static

Sets the value for session key to value. If the key already exists, the previous value is overwritten.

Definition at line 180 of file session.cpp.

References Cutelyst::Context::setStash(), Cutelyst::Context::stash(), and value().

Referenced by Cutelyst::StatusMessage::error(), Cutelyst::StatusMessage::errorQuery(), Cutelyst::AuthenticationRealm::persistUser(), Cutelyst::StatusMessage::status(), and Cutelyst::StatusMessage::statusQuery().

◆ storage()

SessionStore * Session::storage ( ) const

Returns the session storage

Definition at line 94 of file session.cpp.

◆ value()

QVariant Session::value ( Cutelyst::Context c,
const QString &  key,
const QVariant &  defaultValue = QVariant() 
)
static

Returns the value for session key. If the session key doesn't exist, returns defaultValue.

Definition at line 165 of file session.cpp.

References Cutelyst::Context::stash().

Referenced by Cutelyst::StatusMessage::load(), setValue(), and Cutelyst::AuthenticationRealm::userIsRestorable().