function SessionManager::regenerate
Same name in other branches
- 9 core/lib/Drupal/Core/Session/SessionManager.php \Drupal\Core\Session\SessionManager::regenerate()
- 10 core/lib/Drupal/Core/Session/SessionManager.php \Drupal\Core\Session\SessionManager::regenerate()
- 11.x core/lib/Drupal/Core/Session/SessionManager.php \Drupal\Core\Session\SessionManager::regenerate()
File
-
core/
lib/ Drupal/ Core/ Session/ SessionManager.php, line 207
Class
- SessionManager
- Manages user sessions.
Namespace
Drupal\Core\SessionCode
public function regenerate($destroy = FALSE, $lifetime = NULL) {
// Nothing to do if we are not allowed to change the session.
if ($this->isCli()) {
return;
}
// We do not support the optional $destroy and $lifetime parameters as long
// as #2238561 remains open.
if ($destroy || isset($lifetime)) {
throw new \InvalidArgumentException('The optional parameters $destroy and $lifetime of SessionManager::regenerate() are not supported currently');
}
if ($this->isStarted()) {
$old_session_id = $this->getId();
// Save and close the old session. Call the parent method to avoid issue
// with session destruction due to the session being considered obsolete.
parent::save();
// Ensure the session is reloaded correctly.
$this->startedLazy = TRUE;
}
session_id(Crypt::randomBytesBase64());
// We set token seed immediately to avoid race condition between two
// simultaneous requests without a seed.
$this->getMetadataBag()
->setCsrfTokenSeed(Crypt::randomBytesBase64());
if (isset($old_session_id)) {
$params = session_get_cookie_params();
$expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
setcookie($this->getName(), $this->getId(), $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
$this->migrateStoredSession($old_session_id);
}
$this->startNow();
}Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.