class MetadataBag

Same name in other branches
  1. 8.9.x core/lib/Drupal/Core/Session/MetadataBag.php \Drupal\Core\Session\MetadataBag
  2. 10 core/lib/Drupal/Core/Session/MetadataBag.php \Drupal\Core\Session\MetadataBag
  3. 11.x core/lib/Drupal/Core/Session/MetadataBag.php \Drupal\Core\Session\MetadataBag

Provides a container for application specific session metadata.

Hierarchy

  • class \Drupal\Core\Session\MetadataBag extends \Symfony\Component\HttpFoundation\Session\Storage\MetadataBag

Expanded class hierarchy of MetadataBag

3 files declare their use of MetadataBag
CsrfTokenGenerator.php in core/lib/Drupal/Core/Access/CsrfTokenGenerator.php
MetadataBagTest.php in core/tests/Drupal/Tests/Core/Session/MetadataBagTest.php
SessionManagerTest.php in core/tests/Drupal/Tests/Core/Session/SessionManagerTest.php
1 string reference to 'MetadataBag'
core.services.yml in core/core.services.yml
core/core.services.yml
1 service uses MetadataBag
session_manager.metadata_bag in core/core.services.yml
Drupal\Core\Session\MetadataBag

File

core/lib/Drupal/Core/Session/MetadataBag.php, line 12

Namespace

Drupal\Core\Session
View source
class MetadataBag extends SymfonyMetadataBag {
    
    /**
     * The key used to store the CSRF token seed in the session.
     */
    const CSRF_TOKEN_SEED = 's';
    
    /**
     * Constructs a new metadata bag instance.
     *
     * @param \Drupal\Core\Site\Settings $settings
     *   The settings instance.
     */
    public function __construct(Settings $settings) {
        $update_threshold = $settings->get('session_write_interval', 180);
        parent::__construct('_sf2_meta', $update_threshold);
    }
    
    /**
     * Set the CSRF token seed.
     *
     * @param string $csrf_token_seed
     *   The per-session CSRF token seed.
     */
    public function setCsrfTokenSeed($csrf_token_seed) {
        $this->meta[static::CSRF_TOKEN_SEED] = $csrf_token_seed;
    }
    
    /**
     * Get the CSRF token seed.
     *
     * @return string|null
     *   The per-session CSRF token seed or null when no value is set.
     */
    public function getCsrfTokenSeed() {
        if (isset($this->meta[static::CSRF_TOKEN_SEED])) {
            return $this->meta[static::CSRF_TOKEN_SEED];
        }
    }
    
    /**
     * {@inheritdoc}
     */
    public function stampNew($lifetime = NULL) {
        parent::stampNew($lifetime);
        // Set the token seed immediately to avoid a race condition between two
        // simultaneous requests without a seed.
        $this->setCsrfTokenSeed(Crypt::randomBytesBase64());
    }
    
    /**
     * Clear the CSRF token seed.
     */
    public function clearCsrfTokenSeed() {
        @trigger_error('Calling ' . __METHOD__ . '() is deprecated in drupal:9.2.0 and will be removed in drupal:10.0.0. Use \\Drupal\\Core\\Session\\MetadataBag::stampNew() instead. See https://www.drupal.org/node/3187914', E_USER_DEPRECATED);
        unset($this->meta[static::CSRF_TOKEN_SEED]);
    }

}

Members

Title Sort descending Modifiers Object type Summary
MetadataBag::clearCsrfTokenSeed public function Clear the CSRF token seed.
MetadataBag::CSRF_TOKEN_SEED constant The key used to store the CSRF token seed in the session.
MetadataBag::getCsrfTokenSeed public function Get the CSRF token seed.
MetadataBag::setCsrfTokenSeed public function Set the CSRF token seed.
MetadataBag::stampNew public function
MetadataBag::__construct public function Constructs a new metadata bag instance.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.