Last active
March 1, 2022 09:57
Auto Logout for PHP-Auth (https://github.com/delight-im/PHP-Auth)
| <?php declare(strict_types=1); | |
| // namespace Many\Authentication\Utils; | |
| use Delight\Auth\UserManager; | |
| /** | |
| * Auto Logout for PHP-Auth (https://github.com/delight-im/PHP-Auth) | |
| * | |
| * @package ManyAuthentication | |
| * @author Engin Ypsilon <engin.ypsilon@gmail.com> | |
| */ | |
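class AutoLogout
{
    /** @var string session field for users last action time */
    public const SESSION_FIELD_LAST_ACTION = 'auth_last_action';

    /** @var string get parameter name to prevent endless loops when redirect */
    public const GET_IS_REDIRECTED = 'auth_redirected';

    /**
     * Logs the user out automatically after X seconds of inactivity. Runs only when a user is logged in.
     *
     * On every call for a logged-in user whose idle time is still within the limit, the
     * last-action timestamp is refreshed. Once the limit is exceeded, the server-side session
     * is destroyed, the optional callback runs, the in-memory $_SESSION is emptied and, if a
     * redirect target was given, the request ends with a redirect (or an HTML fallback link).
     *
     * Security notes:
     * - Only the PHP session is ended here. NOTE(review): if PHP-Auth's "remember me" login is
     *   in use, its cookie is not touched by this class and may sign the user back in on the
     *   next request; use the callback to call the library's own log-out in that case and
     *   verify the behaviour against the PHP-Auth version in use.
     * - $redirect is placed in a Location header and in an href attribute. It must be a trusted,
     *   application-defined URL and never a value taken from the request, otherwise this
     *   becomes an open redirect.
     * - The default status code 301 is cacheable by browsers, which can make the originally
     *   requested URL keep redirecting after the user signs in again. Passing 302 or 303 is
     *   the safer choice for a logout redirect; the default is kept for backward compatibility.
     *
     * @param int           $seconds    When the login should expire, max idle lifetime in seconds
     * @param string|null   $redirect   Redirect user to a specific URL, otherwise the method only ends the session
     * @param callable|null $callback   Called as $callback($seconds, $redirect, $statusCode) after the session
     *                                  was destroyed; $_SESSION still holds the expired user's data at that point
     * @param int           $statusCode Redirect status code to set, default is: 301 "Moved Permanently"
     * @return void
     */
    public function watch(int $seconds, ?string $redirect = null, ?callable $callback = null, int $statusCode = 301): void
    {
        // Nothing to watch while nobody is logged in.
        if (!($_SESSION[UserManager::SESSION_FIELD_LOGGED_IN] ?? false)) {
            return;
        }

        $lastAction = $_SESSION[self::SESSION_FIELD_LAST_ACTION] ?? false;

        // First tracked request, or still inside the idle window: refresh the timestamp.
        if (!$lastAction || \time() <= $lastAction + $seconds) {
            $_SESSION[self::SESSION_FIELD_LAST_ACTION] = \time();
            return;
        }

        // Idle limit exceeded: drop the server-side session data. The status check avoids
        // the warning session_destroy() raises when no session is active.
        if (\session_status() === \PHP_SESSION_ACTIVE) {
            \session_destroy();
        }

        try {
            if ($callback) {
                $callback($seconds, $redirect, $statusCode);
            }
        } finally {
            // session_destroy() leaves the $_SESSION array populated for the rest of the
            // request, so without this the expired user would still look logged in to any
            // code that runs after watch() returns. Cleared after the callback so the
            // callback can still read who was signed out.
            $_SESSION = [];
        }

        if (!$redirect) {
            return;
        }

        $target = $redirect . (\strpos($redirect, '?') !== false ? '&' : '?') . self::GET_IS_REDIRECTED;

        // Send the header only when it can succeed: not already redirected once (loop guard),
        // output not started, and no control characters that header() would refuse.
        $canSendHeader = !isset($_GET[self::GET_IS_REDIRECTED])
            && !\headers_sent()
            && \strpbrk($target, "\r\n\0") === false;

        if ($canSendHeader) {
            \header("Location: {$target}", true, $statusCode);
        }

        // Always stop here; the body doubles as a fallback link when the header was not sent.
        exit(\sprintf(
            '<h2>Redirection failed</h2><p>Go to: <a href="%1$s">URL %1$s</a></p>',
            \htmlspecialchars($target, \ENT_QUOTES | \ENT_SUBSTITUTE, 'UTF-8')
        ));
    }
}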
| /** | |
| * default usage with redirect | |
| * (new AutoLogout)->watch(3, '/redirect_to'); | |
| * | |
| * with a custom callback | |
| * function alCallback($seconds, $redirect, $statusCode) {} | |
| * (new AutoLogout)->watch(3, null, 'alCallback'); | |
| * | |
| * callback alternate | |
| * (new AutoLogout)->watch(3, null, function($sec, $red, $sta) {}); | |
| */ |