refactor: moved tracking stuff into own class, renamed session class (#…

…3202)

phpmyfaq/admin/dashboard.php

@@ -21,7 +21,6 @@
 use phpMyFAQ\Database;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Filter;
-use phpMyFAQ\Session;
 use phpMyFAQ\System;
 use phpMyFAQ\Template\TwigWrapper;
 use phpMyFAQ\Translation;

phpmyfaq/index.php

@@ -34,7 +34,6 @@
 use phpMyFAQ\Language;
 use phpMyFAQ\Link;
 use phpMyFAQ\Seo;
-use phpMyFAQ\Session;
 use phpMyFAQ\Session\Token;
 use phpMyFAQ\Strings;
 use phpMyFAQ\System;
@@ -44,6 +43,7 @@
 use phpMyFAQ\User\CurrentUser;
 use phpMyFAQ\User\TwoFactor;
 use phpMyFAQ\User\UserAuthentication;
+use phpMyFAQ\User\UserSession;
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Loader\PhpFileLoader;
@@ -248,9 +248,9 @@
 //
 // Found a session ID in _GET or _COOKIE?
 //
-$sidGet = Filter::filterVar($request->query->get(Session::KEY_NAME_SESSION_ID), FILTER_VALIDATE_INT);
-$sidCookie = Filter::filterVar($request->cookies->get(Session::COOKIE_NAME_SESSION_ID), FILTER_VALIDATE_INT);
-$faqSession = new Session($faqConfig);
+$sidGet = Filter::filterVar($request->query->get(UserSession::KEY_NAME_SESSION_ID), FILTER_VALIDATE_INT);
+$sidCookie = Filter::filterVar($request->cookies->get(UserSession::COOKIE_NAME_SESSION_ID), FILTER_VALIDATE_INT);
+$faqSession = new UserSession($faqConfig);
 $faqSession->setCurrentUser($user);
 
 // Note: do not track internal calls
@@ -277,7 +277,7 @@
 $sids = '';
 if ($faqConfig->get('main.enableUserTracking')) {
     if ($faqSession->getCurrentSessionId() > 0) {
-        $faqSession->setCookie(Session::COOKIE_NAME_SESSION_ID, $faqSession->getCurrentSessionId());
+        $faqSession->setCookie(UserSession::COOKIE_NAME_SESSION_ID, $faqSession->getCurrentSessionId());
         if (is_null($sidCookie)) {
             $sids = sprintf('sid=%d&lang=%s&', $faqSession->getCurrentSessionId(), $faqLangCode);
         }
@@ -288,7 +288,7 @@
     }
 } else {
     $faqSession->setCookie(
-        Session::COOKIE_NAME_SESSION_ID,
+        UserSession::COOKIE_NAME_SESSION_ID,
         $faqSession->getCurrentSessionId(),
         $request->server->get('REQUEST_TIME') + 3600
     );

phpmyfaq/services/azure/callback.php

@@ -16,12 +16,12 @@
  */
 
 use phpMyFAQ\Auth\AuthEntraId;
+use phpMyFAQ\Auth\Azure\OAuth;
 use phpMyFAQ\Configuration;
 use phpMyFAQ\Enums\AuthenticationSourceType;
 use phpMyFAQ\Filter;
-use phpMyFAQ\Session;
-use phpMyFAQ\Auth\Azure\OAuth;
 use phpMyFAQ\User\CurrentUser;
+use phpMyFAQ\User\UserSession;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface;
 
@@ -48,7 +48,7 @@
 $code = Filter::filterInput(INPUT_GET, 'code', FILTER_SANITIZE_SPECIAL_CHARS);
 $error = Filter::filterInput(INPUT_GET, 'error_description', FILTER_SANITIZE_SPECIAL_CHARS);
 
-$session = new Session($faqConfig);
+$session = new UserSession($faqConfig);
 $oAuth = new OAuth($faqConfig, $session);
 $auth = new AuthEntraId($faqConfig, $oAuth);
 
@@ -81,7 +81,7 @@
         $user->setTokenData([
                 'refresh_token' => $oAuth->getRefreshToken(),
                 'access_token' => $oAuth->getAccessToken(),
-                'code_verifier' => $session->get(Session::ENTRA_ID_OAUTH_VERIFIER),
+                'code_verifier' => $session->get(UserSession::ENTRA_ID_OAUTH_VERIFIER),
                 'jwt' => $oAuth->getToken()
             ]);
         $user->setSuccess(true);

phpmyfaq/services/azure/index.php

@@ -18,7 +18,7 @@
 use phpMyFAQ\Auth\AuthEntraId;
 use phpMyFAQ\Auth\Azure\OAuth;
 use phpMyFAQ\Configuration;
-use phpMyFAQ\Session;
+use phpMyFAQ\User\UserSession;
 
 //
 // Prepend and start the PHP session
@@ -34,7 +34,7 @@
 
 $faqConfig = Configuration::getConfigurationInstance();
 
-$session = new Session($faqConfig);
+$session = new UserSession($faqConfig);
 $oAuth = new OAuth($faqConfig, $session);
 $auth = new AuthEntraId($faqConfig, $oAuth);
 

phpmyfaq/services/azure/logout.php

@@ -18,7 +18,7 @@
 use phpMyFAQ\Auth\AuthEntraId;
 use phpMyFAQ\Auth\Azure\OAuth;
 use phpMyFAQ\Configuration;
-use phpMyFAQ\Session;
+use phpMyFAQ\User\UserSession;
 
 //
 // Prepend and start the PHP session
@@ -34,7 +34,7 @@
 
 $faqConfig = Configuration::getConfigurationInstance();
 
-$session = new Session($faqConfig);
+$session = new UserSession($faqConfig);
 $oAuth = new OAuth($faqConfig, $session);
 $auth = new AuthEntraId($faqConfig, $oAuth);
 

phpmyfaq/src/phpMyFAQ/Auth/AuthEntraId.php

@@ -22,8 +22,8 @@
 use phpMyFAQ\Configuration;
 use phpMyFAQ\Core\Exception;
 use phpMyFAQ\Enums\AuthenticationSourceType;
-use phpMyFAQ\Session;
 use phpMyFAQ\User;
+use phpMyFAQ\User\UserSession;
 use SensitiveParameter;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 
@@ -34,7 +34,7 @@
  */
 class AuthEntraId extends Auth implements AuthDriverInterface
 {
-    private readonly Session $session;
+    private readonly UserSession $session;
 
     private string $oAuthVerifier = '';
 
@@ -52,7 +52,7 @@ class AuthEntraId extends Auth implements AuthDriverInterface
     public function __construct(Configuration $configuration, private readonly OAuth $oAuth)
     {
         $this->configuration = $configuration;
-        $this->session = new Session($configuration);
+        $this->session = new UserSession($configuration);
 
         parent::__construct($configuration);
     }
@@ -129,8 +129,8 @@ public function authorize(): void
     {
         $this->createOAuthChallenge();
         $this->session->setCurrentSessionKey();
-        $this->session->set(Session::ENTRA_ID_OAUTH_VERIFIER, $this->oAuthVerifier);
-        $this->session->setCookie(Session::ENTRA_ID_OAUTH_VERIFIER, $this->oAuthVerifier, 7200, false);
+        $this->session->set(UserSession::ENTRA_ID_OAUTH_VERIFIER, $this->oAuthVerifier);
+        $this->session->setCookie(UserSession::ENTRA_ID_OAUTH_VERIFIER, $this->oAuthVerifier, 7200, false);
 
         $oAuthURL = sprintf(
             'https://login.microsoftonline.com/%s/oauth2/v2.0/authorize' .

phpmyfaq/src/phpMyFAQ/Auth/Azure/OAuth.php

@@ -18,7 +18,7 @@
 namespace phpMyFAQ\Auth\Azure;
 
 use phpMyFAQ\Configuration;
-use phpMyFAQ\Session;
+use phpMyFAQ\User\UserSession;
 use stdClass;
 use Symfony\Component\HttpClient\HttpClient;
 use Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface;
@@ -43,7 +43,7 @@ class OAuth
     /**
      * Constructor.
      */
-    public function __construct(private readonly Configuration $configuration, private readonly Session $session)
+    public function __construct(private readonly Configuration $configuration, private readonly UserSession $session)
     {
         $this->client = HttpClient::create();
     }
@@ -66,10 +66,10 @@ public function getOAuthToken(string $code): stdClass
     {
         $url = 'https://login.microsoftonline.com/' . AAD_OAUTH_TENANTID . '/oauth2/v2.0/token';
 
-        if ($this->session->get(Session::ENTRA_ID_OAUTH_VERIFIER) !== '') {
-            $codeVerifier = $this->session->get(Session::ENTRA_ID_OAUTH_VERIFIER);
+        if ($this->session->get(UserSession::ENTRA_ID_OAUTH_VERIFIER) !== '') {
+            $codeVerifier = $this->session->get(UserSession::ENTRA_ID_OAUTH_VERIFIER);
         } else {
-            $codeVerifier = $this->session->getCookie(Session::ENTRA_ID_OAUTH_VERIFIER);
+            $codeVerifier = $this->session->getCookie(UserSession::ENTRA_ID_OAUTH_VERIFIER);
         }
 
         $response = $this->client->request('POST', $url, [
@@ -118,7 +118,7 @@ public function setToken(stdClass $token): OAuth
     {
         $idToken = base64_decode(explode('.', (string) $token->id_token)[1]);
         $this->token = json_decode($idToken, null, 512, JSON_THROW_ON_ERROR);
-        $this->session->set(Session::ENTRA_ID_JWT, json_encode($this->token, JSON_THROW_ON_ERROR));
+        $this->session->set(UserSession::ENTRA_ID_JWT, json_encode($this->token, JSON_THROW_ON_ERROR));
         return $this;
     }
 

phpmyfaq/src/phpMyFAQ/Controller/Administration/SessionController.php

@@ -22,12 +22,11 @@
 use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Session\Token;
-use phpMyFAQ\Session;
 use phpMyFAQ\Translation;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
 use Symfony\Component\HttpFoundation\JsonResponse;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\ResponseHeaderBag;
 use Symfony\Component\Routing\Annotation\Route;
 

phpmyfaq/src/phpMyFAQ/Controller/Frontend/CommentController.php

@@ -26,12 +26,12 @@
 use phpMyFAQ\Filter;
 use phpMyFAQ\News;
 use phpMyFAQ\Notification;
-use phpMyFAQ\Session;
 use phpMyFAQ\Session\Token;
 use phpMyFAQ\StopWords;
 use phpMyFAQ\Translation;
 use phpMyFAQ\User;
 use phpMyFAQ\User\CurrentUser;
+use phpMyFAQ\User\UserSession;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -51,7 +51,7 @@ public function create(Request $request): JsonResponse
         $faq = new Faq($this->configuration);
         $comment = new Comments($this->configuration);
         $stopWords = new StopWords($this->configuration);
-        $session = new Session($this->configuration);
+        $session = new UserSession($this->configuration);
         $session->setCurrentUser($user);
 
         $language = $this->container->get('phpmyfaq.language');

phpmyfaq/src/phpMyFAQ/Controller/Frontend/FaqController.php

@@ -22,18 +22,16 @@
 use phpMyFAQ\Core\Exception;
 use phpMyFAQ\Entity\FaqEntity;
 use phpMyFAQ\Enums\PermissionType;
-use phpMyFAQ\Faq;
 use phpMyFAQ\Faq\MetaData;
 use phpMyFAQ\Filter;
 use phpMyFAQ\Helper\CategoryHelper;
 use phpMyFAQ\Helper\FaqHelper;
-use phpMyFAQ\Language;
 use phpMyFAQ\Notification;
 use phpMyFAQ\Question;
-use phpMyFAQ\Session;
 use phpMyFAQ\StopWords;
 use phpMyFAQ\Translation;
 use phpMyFAQ\User\CurrentUser;
+use phpMyFAQ\User\UserSession;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -53,7 +51,7 @@ public function create(Request $request): JsonResponse
         $category = new Category($this->configuration);
         $question = new Question($this->configuration);
         $stopWords = new StopWords($this->configuration);
-        $session = new Session($this->configuration);
+        $session = new UserSession($this->configuration);
         $session->setCurrentUser($user);
 
         $language = $this->container->get('phpmyfaq.language');

phpmyfaq/src/phpMyFAQ/Controller/Frontend/VotingController.php

@@ -22,9 +22,9 @@
 use phpMyFAQ\Entity\Vote;
 use phpMyFAQ\Filter;
 use phpMyFAQ\Rating;
-use phpMyFAQ\Session;
 use phpMyFAQ\Translation;
 use phpMyFAQ\User\CurrentUser;
+use phpMyFAQ\User\UserSession;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -38,7 +38,7 @@ public function create(Request $request): JsonResponse
     {
         $user = CurrentUser::getCurrentUser($this->configuration);
         $rating = new Rating($this->configuration);
-        $session = new Session($this->configuration);
+        $session = new UserSession($this->configuration);
         $session->setCurrentUser($user);
 
         $data = json_decode($request->getContent());

phpmyfaq/src/phpMyFAQ/User/CurrentUser.php

@@ -27,7 +27,6 @@
 use phpMyFAQ\Database;
 use phpMyFAQ\Filter;
 use phpMyFAQ\Permission\MediumPermission;
-use phpMyFAQ\Session;
 use phpMyFAQ\User;
 use Symfony\Component\HttpFoundation\Request;
 
@@ -62,7 +61,7 @@ class CurrentUser extends User
     /**
      * The Session class object
      */
-    private readonly Session $session;
+    private readonly UserSession $session;
 
     /**
      * Specifies the timeout for the session-ID in minutes. If the session ID
@@ -96,7 +95,7 @@ class CurrentUser extends User
     public function __construct(Configuration $configuration)
     {
         parent::__construct($configuration);
-        $this->session = new Session($configuration);
+        $this->session = new UserSession($configuration);
     }
 
     /**
@@ -172,7 +171,7 @@ public function login(string $login, string $password): bool
                 $rememberMe = sha1(session_id());
                 $this->setRememberMe($rememberMe);
                 $this->session->setCookie(
-                    Session::COOKIE_NAME_REMEMBER_ME,
+                    UserSession::COOKIE_NAME_REMEMBER_ME,
                     $rememberMe,
                     Request::createFromGlobals()->server->get('REQUEST_TIME') + self::PMF_REMEMBER_ME_EXPIRED_TIME
                 );
@@ -434,7 +433,7 @@ public function deleteFromSession(bool $deleteCookie = false): bool
         }
 
         if ($deleteCookie) {
-            $this->session->setCookie(Session::COOKIE_NAME_REMEMBER_ME, '');
+            $this->session->setCookie(UserSession::COOKIE_NAME_REMEMBER_ME, '');
         }
 
         session_destroy();
@@ -566,13 +565,13 @@ public static function getFromSession(Configuration $configuration): ?CurrentUse
     public static function getFromCookie(Configuration $configuration): ?CurrentUser
     {
         $request = Request::createFromGlobals();
-        if ($request->cookies->get(Session::COOKIE_NAME_REMEMBER_ME) === null) {
+        if ($request->cookies->get(UserSession::COOKIE_NAME_REMEMBER_ME) === null) {
             return null;
         }
 
         // create a new CurrentUser object
         $user = new self($configuration);
-        $user->getUserByCookie($request->cookies->get(Session::COOKIE_NAME_REMEMBER_ME));
+        $user->getUserByCookie($request->cookies->get(UserSession::COOKIE_NAME_REMEMBER_ME));
 
         if (-1 === $user->getUserId()) {
             return null;