X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fsession%2FCookieSessionProvider.php;h=79fc720d1ea526b33182f923275b1e0664d3a2fd;hb=7471e1db1b613d035f981f489f8683a177acff7e;hp=8ce3174dc0255e5e642b66f2cb806966ca153dd3;hpb=58cb1f824ac75c3b58ba19d1e88c1b38f9dc1fab;p=lhc%2Fweb%2Fwiklou.git
diff --git a/includes/session/CookieSessionProvider.php b/includes/session/CookieSessionProvider.php
index 8ce3174dc0..79fc720d1e 100644
--- a/includes/session/CookieSessionProvider.php
+++ b/includes/session/CookieSessionProvider.php
@@ -217,19 +217,13 @@ class CookieSessionProvider extends SessionProvider {
 [ 'prefix' => '' ] + $options );
- $extendedCookies = $this->config->get( 'ExtendedLoginCookies' );
- $extendedExpiry = $this->config->get( 'ExtendedLoginCookieExpiration' );
-
 foreach ( $cookies as $key => $value ) {
 if ( $value === false ) {
 $response->clearCookie( $key, $options );
 } else {
- if ( $extendedExpiry !== null && in_array( $key, $extendedCookies ) ) {
- $expiry = time() + (int)$extendedExpiry;
- } else {
- $expiry = 0; // Default cookie expiration
- }
- $response->setCookie( $key, (string)$value, $expiry, $options );
+ $expirationDuration = $this->getLoginCookieExpiration( $key, $session->shouldRememberUser() );
+ $expiration = $expirationDuration ? $expirationDuration + time() : null;
+ $response->setCookie( $key, (string)$value, $expiration, $options );
 }
 }
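Review bot: The truthiness test in `$expirationDuration ? $expirationDuration + time() : null` only treats 0 as "no explicit expiry"; a negative 'CookieExpiration' or 'ExtendedLoginCookieExpiration' value is cast to int by getLoginCookieExpiration() and would yield an expiry in the past here. An explicit comparison, `$expiration = $expirationDuration > 0 ? $expirationDuration + time() : null;`, keeps that case on the null path. The removed code passed 0 with the comment "Default cookie expiration", so a short comment stating what null means to setCookie() would help the next reader; setCookie() itself is not visible in this diff. The same expression is repeated in the forceHTTPS hunk and could live in one private helper. The enclosing method starts and ends outside the hunk.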
@@ -276,7 +270,16 @@ class CookieSessionProvider extends SessionProvider {
 ) {
 $response = $request->response();
 if ( $set ) {
- $response->setCookie( 'forceHTTPS', 'true', $backend->shouldRememberUser() ? 0 : null,
+ if ( $backend->shouldRememberUser() ) {
+ $expirationDuration = $this->getLoginCookieExpiration(
+ 'forceHTTPS',
+ true
+ );
+ $expiration = $expirationDuration ? $expirationDuration + time() : null;
+ } else {
+ $expiration = null;
+ }
+ $response->setCookie( 'forceHTTPS', 'true', $expiration,
 [ 'prefix' => '', 'secure' => false ] + $this->cookieOptions );
 } else {
 $response->clearCookie( 'forceHTTPS',
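Review bot: Passing `true` to `getLoginCookieExpiration( 'forceHTTPS', true )` has no effect with the default cookie list: getExtendedLoginCookies(), added at the end of this diff, returns only 'UserID', 'UserName' and 'Token', so the `in_array` test fails and the call returns the 'CookieExpiration' value. If 'ExtendedLoginCookieExpiration' is configured longer, the forceHTTPS cookie would expire before the remembered login cookies, and this cookie is set with `'secure' => false`, presumably so it can steer plain-HTTP requests to HTTPS. If the shorter lifetime is intended, say so with a comment such as `// forceHTTPS is not an extended login cookie; this resolves to 'CookieExpiration'`; otherwise add 'forceHTTPS' to the list. The enclosing method starts before and ends after the hunk.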
@@ -396,4 +399,41 @@ class CookieSessionProvider extends SessionProvider {
 return wfMessage( 'sessionprovider-nocookies' );
 }
+ public function getRememberUserDuration() {
+ return min( $this->getLoginCookieExpiration( 'UserID', true ),
+ $this->getLoginCookieExpiration( 'Token', true ) ) ?: null;
+ }
+
+ /**
+ * Gets the list of cookies that must be set to the 'remember me' duration,
+ * if $wgExtendedLoginCookieExpiration is in use.
+ *
+ * @return string[] Array of unprefixed cookie keys
+ */
+ protected function getExtendedLoginCookies() {
+ return [ 'UserID', 'UserName', 'Token' ];
+ }
+
+ /**
+ * Returns the lifespan of the login cookies, in seconds. 0 means until the end of the session.
+ *
+ * Cookies that are session-length do not call this function.
+ *
+ * @param string $cookieName
+ * @param boolean $shouldRememberUser Whether the user should be remembered
+ * long-term
+ * @return int Cookie expiration time in seconds; 0 for session cookies
+ */
+ protected function getLoginCookieExpiration( $cookieName, $shouldRememberUser ) {
+ $extendedCookies = $this->getExtendedLoginCookies();
+ $normalExpiration = $this->config->get( 'CookieExpiration' );
+
+ if ( $shouldRememberUser && in_array( $cookieName, $extendedCookies, true ) ) {
+ $extendedExpiration = $this->config->get( 'ExtendedLoginCookieExpiration' );
+
+ return ( $extendedExpiration !== null ) ? (int)$extendedExpiration : (int)$normalExpiration;
+ } else {
+ return (int)$normalExpiration;
+ }
+ }
 }
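Review bot: `getRememberUserDuration()` is the only public method added here and the only one without a docblock, although its contract is the least obvious of the three. It returns the smaller of the 'UserID' and 'Token' lifetimes in seconds, and `?: null` turns a 0 (session-length) result into null, so callers cannot rely on an int. A docblock along the lines of `@return int|null Seconds the login cookies persist when the user is remembered, or null if they are session-length` would cover it; if the method overrides one on SessionProvider, which this diff does not show, referring to the parent documentation is enough. Separately, `@param boolean` in the getLoginCookieExpiration() docblock reads better as `@param bool`.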