namespace MediaWiki\Session;
use Psr\Log\LoggerAwareInterface;
+use User;
use WebRequest;
/**
*/
interface SessionManagerInterface extends LoggerAwareInterface {
/**
- * Fetch the persisted session ID in a request.
- *
- * Note this is not the same thing as whether the session associated with
- * the request is currently persistent, as the session might have been
- * first made persistent during this request.
- *
- * @param WebRequest $request
- * @return string|null
- * @throws \\OverflowException if there are multiple sessions tied for top
- * priority in the request. Exception has a property "sessionInfos"
- * holding the SessionInfo objects for the sessions involved.
- */
- public function getPersistedSessionId( WebRequest $request );
-
- /**
- * Fetch the session for a request
+ * Fetch the session for a request (or a new empty session if none is
+ * attached to it)
*
* @note You probably want to use $request->getSession() instead. It's more
* efficient and doesn't break FauxRequests or sessions that were changed
* @param WebRequest $request Any existing associated session will be reset
* to the session corresponding to the data in the request itself.
* @return Session
- * @throws \\OverflowException if there are multiple sessions tied for top
+ * @throws \OverflowException if there are multiple sessions tied for top
* priority in the request. Exception has a property "sessionInfos"
* holding the SessionInfo objects for the sessions involved.
*/
/**
* Fetch a session by ID
+ *
* @param string $id
- * @param bool $noEmpty Don't return an empty session
+ * @param bool $create If no session exists for $id, try to create a new one.
+ * May still return null if a session for $id exists but cannot be loaded.
* @param WebRequest|null $request Corresponding request. Any existing
* session associated with this WebRequest object will be overwritten.
* @return Session|null
*/
- public function getSessionById( $id, $noEmpty = false, WebRequest $request = null );
+ public function getSessionById( $id, $create = false, WebRequest $request = null );
/**
- * Fetch a new, empty session
+ * Create a new, empty session
*
* The first provider configured that is able to provide an empty session
* will be used.
*/
public function getEmptySession( WebRequest $request = null );
+ /**
+ * Invalidate sessions for a user
+ *
+ * After calling this, existing sessions should be invalid. For mutable
+ * session providers, this generally means the user has to log in again;
+ * for immutable providers, it generally means the loss of session data.
+ *
+ * @param User $user
+ */
+ public function invalidateSessionsForUser( User $user );
+
/**
* Return the HTTP headers that need varying on.
*