ci4

Форк
0
/
RedisHandler.php 
419 строк · 11.2 Кб
1
<?php
2

3
declare(strict_types=1);
4

5
/**
6
 * This file is part of CodeIgniter 4 framework.
7
 *
8
 * (c) CodeIgniter Foundation <admin@codeigniter.com>
9
 *
10
 * For the full copyright and license information, please view
11
 * the LICENSE file that was distributed with this source code.
12
 */
13

14
namespace CodeIgniter\Session\Handlers;
15

16
use CodeIgniter\I18n\Time;
17
use CodeIgniter\Session\Exceptions\SessionException;
18
use Config\Session as SessionConfig;
19
use Redis;
20
use RedisException;
21
use ReturnTypeWillChange;
22

23
/**
24
 * Session handler using Redis for persistence
25
 */
26
class RedisHandler extends BaseHandler
27
{
28
    private const DEFAULT_PORT     = 6379;
29
    private const DEFAULT_PROTOCOL = 'tcp';
30

31
    /**
32
     * phpRedis instance
33
     *
34
     * @var Redis|null
35
     */
36
    protected $redis;
37

38
    /**
39
     * Key prefix
40
     *
41
     * @var string
42
     */
43
    protected $keyPrefix = 'ci_session:';
44

45
    /**
46
     * Lock key
47
     *
48
     * @var string|null
49
     */
50
    protected $lockKey;
51

52
    /**
53
     * Key exists flag
54
     *
55
     * @var bool
56
     */
57
    protected $keyExists = false;
58

59
    /**
60
     * Number of seconds until the session ends.
61
     *
62
     * @var int
63
     */
64
    protected $sessionExpiration = 7200;
65

66
    /**
67
     * Time (microseconds) to wait if lock cannot be acquired.
68
     */
69
    private int $lockRetryInterval = 100_000;
70

71
    /**
72
     * Maximum number of lock acquisition attempts.
73
     */
74
    private int $lockMaxRetries = 300;
75

76
    /**
77
     * @param string $ipAddress User's IP address
78
     *
79
     * @throws SessionException
80
     */
81
    public function __construct(SessionConfig $config, string $ipAddress)
82
    {
83
        parent::__construct($config, $ipAddress);
84

85
        // Store Session configurations
86
        $this->sessionExpiration = ($config->expiration === 0)
87
            ? (int) ini_get('session.gc_maxlifetime')
88
            : $config->expiration;
89

90
        // Add sessionCookieName for multiple session cookies.
91
        $this->keyPrefix .= $config->cookieName . ':';
92

93
        $this->setSavePath();
94

95
        if ($this->matchIP === true) {
96
            $this->keyPrefix .= $this->ipAddress . ':';
97
        }
98

99
        $this->lockRetryInterval = $config->lockWait ?? $this->lockRetryInterval;
100
        $this->lockMaxRetries    = $config->lockAttempts ?? $this->lockMaxRetries;
101
    }
102

103
    protected function setSavePath(): void
104
    {
105
        if (empty($this->savePath)) {
106
            throw SessionException::forEmptySavepath();
107
        }
108

109
        $url   = parse_url($this->savePath);
110
        $query = [];
111

112
        if ($url === false) {
113
            // Unix domain socket like `unix:///var/run/redis/redis.sock?persistent=1`.
114
            if (preg_match('#unix://(/[^:?]+)(\?.+)?#', $this->savePath, $matches)) {
115
                $host = $matches[1];
116
                $port = 0;
117

118
                if (isset($matches[2])) {
119
                    parse_str(ltrim($matches[2], '?'), $query);
120
                }
121
            } else {
122
                throw SessionException::forInvalidSavePathFormat($this->savePath);
123
            }
124
        } else {
125
            // Also accepts `/var/run/redis.sock` for backward compatibility.
126
            if (isset($url['path']) && $url['path'][0] === '/') {
127
                $host = $url['path'];
128
                $port = 0;
129
            } else {
130
                // TCP connection.
131
                if (! isset($url['host'])) {
132
                    throw SessionException::forInvalidSavePathFormat($this->savePath);
133
                }
134

135
                $protocol = $url['scheme'] ?? self::DEFAULT_PROTOCOL;
136
                $host     = $protocol . '://' . $url['host'];
137
                $port     = $url['port'] ?? self::DEFAULT_PORT;
138
            }
139

140
            if (isset($url['query'])) {
141
                parse_str($url['query'], $query);
142
            }
143
        }
144

145
        $password = $query['auth'] ?? null;
146
        $database = isset($query['database']) ? (int) $query['database'] : 0;
147
        $timeout  = isset($query['timeout']) ? (float) $query['timeout'] : 0.0;
148
        $prefix   = $query['prefix'] ?? null;
149

150
        $this->savePath = [
151
            'host'     => $host,
152
            'port'     => $port,
153
            'password' => $password,
154
            'database' => $database,
155
            'timeout'  => $timeout,
156
        ];
157

158
        if ($prefix !== null) {
159
            $this->keyPrefix = $prefix;
160
        }
161
    }
162

163
    /**
164
     * Re-initialize existing session, or creates a new one.
165
     *
166
     * @param string $path The path where to store/retrieve the session
167
     * @param string $name The session name
168
     *
169
     * @throws RedisException
170
     */
171
    public function open($path, $name): bool
172
    {
173
        if (empty($this->savePath)) {
174
            return false;
175
        }
176

177
        $redis = new Redis();
178

179
        if (
180
            ! $redis->connect(
181
                $this->savePath['host'],
182
                $this->savePath['port'],
183
                $this->savePath['timeout']
184
            )
185
        ) {
186
            $this->logger->error('Session: Unable to connect to Redis with the configured settings.');
187
        } elseif (isset($this->savePath['password']) && ! $redis->auth($this->savePath['password'])) {
188
            $this->logger->error('Session: Unable to authenticate to Redis instance.');
189
        } elseif (isset($this->savePath['database']) && ! $redis->select($this->savePath['database'])) {
190
            $this->logger->error(
191
                'Session: Unable to select Redis database with index ' . $this->savePath['database']
192
            );
193
        } else {
194
            $this->redis = $redis;
195

196
            return true;
197
        }
198

199
        return false;
200
    }
201

202
    /**
203
     * Reads the session data from the session storage, and returns the results.
204
     *
205
     * @param string $id The session ID
206
     *
207
     * @return false|string Returns an encoded string of the read data.
208
     *                      If nothing was read, it must return false.
209
     *
210
     * @throws RedisException
211
     */
212
    #[ReturnTypeWillChange]
213
    public function read($id)
214
    {
215
        if (isset($this->redis) && $this->lockSession($id)) {
216
            if (! isset($this->sessionID)) {
217
                $this->sessionID = $id;
218
            }
219

220
            $data = $this->redis->get($this->keyPrefix . $id);
221

222
            if (is_string($data)) {
223
                $this->keyExists = true;
224
            } else {
225
                $data = '';
226
            }
227

228
            $this->fingerprint = md5($data);
229

230
            return $data;
231
        }
232

233
        return false;
234
    }
235

236
    /**
237
     * Writes the session data to the session storage.
238
     *
239
     * @param string $id   The session ID
240
     * @param string $data The encoded session data
241
     *
242
     * @throws RedisException
243
     */
244
    public function write($id, $data): bool
245
    {
246
        if (! isset($this->redis)) {
247
            return false;
248
        }
249

250
        if ($this->sessionID !== $id) {
251
            if (! $this->releaseLock() || ! $this->lockSession($id)) {
252
                return false;
253
            }
254

255
            $this->keyExists = false;
256
            $this->sessionID = $id;
257
        }
258

259
        if (isset($this->lockKey)) {
260
            $this->redis->expire($this->lockKey, 300);
261

262
            if ($this->fingerprint !== ($fingerprint = md5($data)) || $this->keyExists === false) {
263
                if ($this->redis->set($this->keyPrefix . $id, $data, $this->sessionExpiration)) {
264
                    $this->fingerprint = $fingerprint;
265
                    $this->keyExists   = true;
266

267
                    return true;
268
                }
269

270
                return false;
271
            }
272

273
            return $this->redis->expire($this->keyPrefix . $id, $this->sessionExpiration);
274
        }
275

276
        return false;
277
    }
278

279
    /**
280
     * Closes the current session.
281
     */
282
    public function close(): bool
283
    {
284
        if (isset($this->redis)) {
285
            try {
286
                $pingReply = $this->redis->ping();
287

288
                if (($pingReply === true) || ($pingReply === '+PONG')) {
289
                    if (isset($this->lockKey) && ! $this->releaseLock()) {
290
                        return false;
291
                    }
292

293
                    if (! $this->redis->close()) {
294
                        return false;
295
                    }
296
                }
297
            } catch (RedisException $e) {
298
                $this->logger->error('Session: Got RedisException on close(): ' . $e->getMessage());
299
            }
300

301
            $this->redis = null;
302

303
            return true;
304
        }
305

306
        return true;
307
    }
308

309
    /**
310
     * Destroys a session
311
     *
312
     * @param string $id The session ID being destroyed
313
     *
314
     * @throws RedisException
315
     */
316
    public function destroy($id): bool
317
    {
318
        if (isset($this->redis, $this->lockKey)) {
319
            if (($result = $this->redis->del($this->keyPrefix . $id)) !== 1) {
320
                $this->logger->debug(
321
                    'Session: Redis::del() expected to return 1, got ' . var_export($result, true) . ' instead.'
322
                );
323
            }
324

325
            return $this->destroyCookie();
326
        }
327

328
        return false;
329
    }
330

331
    /**
332
     * Cleans up expired sessions.
333
     *
334
     * @param int $max_lifetime Sessions that have not updated
335
     *                          for the last max_lifetime seconds will be removed.
336
     *
337
     * @return false|int Returns the number of deleted sessions on success, or false on failure.
338
     */
339
    #[ReturnTypeWillChange]
340
    public function gc($max_lifetime)
341
    {
342
        return 1;
343
    }
344

345
    /**
346
     * Acquires an emulated lock.
347
     *
348
     * @param string $sessionID Session ID
349
     *
350
     * @throws RedisException
351
     */
352
    protected function lockSession(string $sessionID): bool
353
    {
354
        $lockKey = $this->keyPrefix . $sessionID . ':lock';
355

356
        // PHP 7 reuses the SessionHandler object on regeneration,
357
        // so we need to check here if the lock key is for the
358
        // correct session ID.
359
        if ($this->lockKey === $lockKey) {
360
            // If there is the lock, make the ttl longer.
361
            return $this->redis->expire($this->lockKey, 300);
362
        }
363

364
        $attempt = 0;
365

366
        do {
367
            $result = $this->redis->set(
368
                $lockKey,
369
                (string) Time::now()->getTimestamp(),
370
                // NX -- Only set the key if it does not already exist.
371
                // EX seconds -- Set the specified expire time, in seconds.
372
                ['nx', 'ex' => 300]
373
            );
374

375
            if (! $result) {
376
                usleep($this->lockRetryInterval);
377

378
                continue;
379
            }
380

381
            $this->lockKey = $lockKey;
382
            break;
383
        } while (++$attempt < $this->lockMaxRetries);
384

385
        if ($attempt === 300) {
386
            $this->logger->error(
387
                'Session: Unable to obtain lock for ' . $this->keyPrefix . $sessionID
388
                . ' after 300 attempts, aborting.'
389
            );
390

391
            return false;
392
        }
393

394
        $this->lock = true;
395

396
        return true;
397
    }
398

399
    /**
400
     * Releases a previously acquired lock
401
     *
402
     * @throws RedisException
403
     */
404
    protected function releaseLock(): bool
405
    {
406
        if (isset($this->redis, $this->lockKey) && $this->lock) {
407
            if (! $this->redis->del($this->lockKey)) {
408
                $this->logger->error('Session: Error while trying to free lock for ' . $this->lockKey);
409

410
                return false;
411
            }
412

413
            $this->lockKey = null;
414
            $this->lock    = false;
415
        }
416

417
        return true;
418
    }
419
}
420

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.