SessionHandler

A handler that maintains a @see \io\vertx\jphp\ext\web\Session for each browser session.

It looks up the session for each request based on a session cookie which contains a session ID. It stores the session when the response is ended in the session store.

The session is available on the routing context with .

The session handler requires a @see \io\vertx\jphp\ext\web\handler\CookieHandler to be on the routing chain before it.

package	Default

Methods

__construct

__construct()

Create a session handler

create( $arg0) : \io\vertx\jphp\ext\web\handler\SessionHandler

static

Arguments

$arg0

SessionStore

Response

\io\vertx\jphp\ext\web\handler\SessionHandler

the handler

Something has happened, so handle it.

handle( $arg0) : void

Arguments

$arg0

RoutingContext

Sets whether the 'HttpOnly' flag should be set for the session cookie. When set this flag instructs browsers to prevent Javascript access to the the cookie. Used as a line of defence against the most common XSS attacks.

setCookieHttpOnlyFlag( $arg0) : $this

Arguments

$arg0

boolean

Response

$this

a reference to this, so the API can be used fluently

Sets whether the 'secure' flag should be set for the session cookie. When set this flag instructs browsers to only send the cookie over HTTPS. Note that this will probably stop your sessions working if used without HTTPS (e.g. in development).

setCookieSecureFlag( $arg0) : $this

Arguments

$arg0

boolean

Response

$this

a reference to this, so the API can be used fluently

Set expected session id minimum length.

setMinLength( $arg0) : $this

Arguments

$arg0

integer

Response

$this

a reference to this, so the API can be used fluently

Set whether a nagging log warning should be written if the session handler is accessed over HTTP, not HTTPS

setNagHttps( $arg0) : $this

Arguments

$arg0

boolean

Response

$this

a reference to this, so the API can be used fluently

Set the session cookie name

setSessionCookieName( $arg0) : $this

Arguments

$arg0

string

Response

$this

a reference to this, so the API can be used fluently

Set the session cookie path

setSessionCookiePath( $arg0) : $this

Arguments

$arg0

string

Response

$this

a reference to this, so the API can be used fluently

Set the session timeout

setSessionTimeout( $arg0) : $this

Arguments

$arg0

integer

Response

$this

a reference to this, so the API can be used fluently

Constants

Default name of session cookie

DEFAULT_SESSION_COOKIE_NAME

var	php文件只是为了写代码方便，常量的实际值请参考原java文件

Default path of session cookie

DEFAULT_SESSION_COOKIE_PATH

var	php文件只是为了写代码方便，常量的实际值请参考原java文件

Default time, in ms, that a session lasts for without being accessed before expiring.

DEFAULT_SESSION_TIMEOUT

var	php文件只是为了写代码方便，常量的实际值请参考原java文件

Default of whether a nagging log warning should be written if the session handler is accessed over HTTP, not HTTPS

DEFAULT_NAG_HTTPS

var	php文件只是为了写代码方便，常量的实际值请参考原java文件

Default of whether the cookie has the HttpOnly flag set More info: https://www.owasp.org/index.php/HttpOnly

DEFAULT_COOKIE_HTTP_ONLY_FLAG

var	php文件只是为了写代码方便，常量的实际值请参考原java文件

Default of whether the cookie has the 'secure' flag set to allow transmission over https only. More info: https://www.owasp.org/index.php/SecureFlag

DEFAULT_COOKIE_SECURE_FLAG

var	php文件只是为了写代码方便，常量的实际值请参考原java文件

Default min length for a session id. More info: https://www.owasp.org/index.php/Session_Management_Cheat_Sheet

DEFAULT_SESSIONID_MIN_LENGTH

var	php文件只是为了写代码方便，常量的实际值请参考原java文件