From 0cea6ef3a3d415c5b6a8fb37492a408e3aa50d6d Mon Sep 17 00:00:00 2001 From: Steve Boyd Date: Wed, 24 Mar 2021 13:53:46 +1300 Subject: [PATCH] NEW Add onBeforeRemoveLoginSession extension hook --- composer.json | 3 ++- src/Middleware/LoginSessionController.php | 11 +++-------- src/Security/LogInAuthenticationHandler.php | 6 ++++-- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/composer.json b/composer.json index d157d94..f973b9b 100644 --- a/composer.json +++ b/composer.json @@ -33,7 +33,8 @@ "symbiote/silverstripe-queuedjobs": "^4" }, "suggest": { - "symbiote/silverstripe-queuedjobs": "^4" + "symbiote/silverstripe-queuedjobs": "^4", + "silverstripe/auditor": "^2.3" }, "autoload": { "psr-4": { diff --git a/src/Middleware/LoginSessionController.php b/src/Middleware/LoginSessionController.php index 6fcf229..88ad5f9 100644 --- a/src/Middleware/LoginSessionController.php +++ b/src/Middleware/LoginSessionController.php @@ -5,21 +5,14 @@ use SilverStripe\Admin\LeftAndMain; use SilverStripe\Control\HTTPRequest; use SilverStripe\Control\HTTPResponse; -use SilverStripe\Core\Injector\Injector; -use SilverStripe\ORM\ValidationException; -use SilverStripe\Security\Member; -use SilverStripe\Security\Security; use SilverStripe\Security\SecurityToken; use SilverStripe\SessionManager\Model\LoginSession; -/** - * Class LoginSessionController - * @package SilverStripe\SessionManager\Control - */ class LoginSessionController extends LeftAndMain { private static $url_segment = 'loginsession'; + // TODO: this is probably a legacy config that's not used anywhere so should be deleted private static $ignore_menuitem = true; private static $url_handlers = [ @@ -62,6 +55,8 @@ public function removeLoginSession(HTTPRequest $request): HTTPResponse ); } + $this->extend('onBeforeRemoveLoginSession', $loginSession); + $loginSession->delete(); return $this->jsonResponse([ diff --git a/src/Security/LogInAuthenticationHandler.php b/src/Security/LogInAuthenticationHandler.php index d41c1e5..7d6121d 100644 --- a/src/Security/LogInAuthenticationHandler.php +++ b/src/Security/LogInAuthenticationHandler.php @@ -94,7 +94,7 @@ public function logIn(Member $member, $persistent = false, HTTPRequest $request } $loginSession->LastAccessed = DBDatetime::now()->Rfc2822(); - $loginSession->IPAddress = $request->getIP(); + $loginSession->IPAddress = $request ? $request->getIP() : ''; $loginSession->write(); if ($persistent && $rememberLoginHash = $this->getRememberLoginHash()) { @@ -102,7 +102,9 @@ public function logIn(Member $member, $persistent = false, HTTPRequest $request $rememberLoginHash->write(); } - $request->getSession()->set($this->getSessionVariable(), $loginSession->ID); + if ($request) { + $request->getSession()->set($this->getSessionVariable(), $loginSession->ID); + } } /**