laravel session 生命周期

捣蛋鬼大师

已于 2022-12-05 17:20:15 修改

阅读量682

点赞数

分类专栏： AllInOne 项目保姆级记录文章标签： laravel php

于 2022-12-05 14:29:00 首次发布

本文链接：https://blog.csdn.net/qq_39586877/article/details/128185474

版权

AllInOne 项目保姆级记录专栏收录该内容

6 篇文章 0 订阅

订阅专栏

laravel 自定义session存储逻辑生命周期发生了什么?

位置：app/Http/Kernel.php


    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

        'api' => [
            'throttle:60,1',
            'bindings',
        ],
    ];

关键位置：
\Illuminate\Session\Middleware\StartSession::class
顺便提一下 \App\Http\Middleware\EncryptCookies::class类
这个是加密解密cookie，保证数据完整性的逻辑代码部分，准备另起一篇cookie加密解密和保证数据完整性（不被篡改）进行记录

关键代码：handle方法

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (! $this->sessionConfigured()) {
            return $next($request);
        }

        // If a session driver has been configured, we will need to start the session here
        // so that the data is ready for an application. Note that the Laravel sessions
        // do not make use of PHP "native" sessions in any way since they are crappy.
        $request->setLaravelSession(
            $session = $this->startSession($request)
        );

        $this->collectGarbage($session);

        $response = $next($request);

        $this->storeCurrentUrl($request, $session);

        $this->addCookieToResponse($response, $session); 

        // Again, if the session has been configured we will need to close out the session
        // so that the attributes may be persisted to some storage medium. We will also
        // add the session identifier cookie to the application response headers now.
        $this->saveSession($request);

        return $response;
    }

从请求的cookie字段获取session文件名（sessionID）

$request->setLaravelSession(
$session = $t h i s - > s t a r t S e s s i o n ($ request)
);

  /**
     * Start the session for the given request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Contracts\Session\Session
     */
    protected function startSession(Request $request)
    {
        return tap($this->getSession($request), function ($session) use ($request) {
            $session->setRequestOnHandler($request);

            $session->start();
        });
    }

    /**
     * Get the session implementation from the manager.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Contracts\Session\Session
     */
    public function getSession(Request $request)
    {
        return tap($this->manager->driver(), function ($session) use ($request) {
            $session->setId($request->cookies->get($session->getName()));
        });
    }

$this->manager->driver() 返回是object(Illuminate\Session\Store)；

关键代码：

   $this->saveSession($request);

  /**
     * Save the session data to storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return void
     */
    protected function saveSession($request)
    {
        $this->manager->driver()->save();
    }

这里是存储session数据， $this->manager->driver()是vendor/laravel/framework/src/Illuminate/Session/FileSessionHandler.php实体类
这个类自定义了所有关于session存取逻辑,
session存储数据（未序列化情况）

array(5) {
  ["_token"]=>
  string(40) "kgPstXl3vtLj2qvCCZczYppGO8FNhx6E4PAQxgZf"
  ["url"]=>
  array(0) {
  }
  ["_previous"]=>
  array(1) {
    ["url"]=>
    string(32) "http://www.laravellearn.xyz/home"
  }
  ["_flash"]=>
  array(2) {
    ["old"]=>
    array(0) {
    }
    ["new"]=>
    array(0) {
    }
  }
  ["login_web_59ba36addc2b2f9401580f014c7f58ea4e30989d"]=>
  int(6) //登录用户数据库字段主键值
}

未登录情况下没有login_web_.sha1(static::class)字段，login_web_sha1(static::class)用于用户的相关认证

待续。。。
如有不正确的请指正

捣蛋鬼大师

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
laravel session 生命周期

位置：app/Http/Kernel.php关键位置：顺便提一下类这个是加密解密cookie，保证数据完整性的逻辑代码部分，准备另起一篇进行记录关键代码：方法从请求的cookie字段获取session文件名（sessionID）返回是；关键代码：这里是存储session数据，是实体类这个类自定义了所有关于session存取逻辑,session存储数据（未序列化情况）未登录情况下没有字段，用于用户的相关认证待续。。。如有不正确的请指正
复制链接

扫一扫

专栏目录