
Give sessions real PHIDs and slightly modernize session queries

Summary:
Ref T13222. See PHI873. I'm preparing to introduce a new MFA "Challenge" table which stores state about challenges we've issued (to bind challenges to sessions and prevent most challenge reuse).

This table will reference sessions (since each challenge will be bound to a particular session) but sessions currently don't have PHIDs. Give them PHIDs and slightly modernize some related code.

Test Plan:
- Ran migrations.
- Verified table got PHIDs.
- Used `var_dump()` to dump an organic user session.

Reviewers: amckinley

Reviewed By: amckinley

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13222

Differential Revision: https://secure.phabricator.com/D19881

+84 -16
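--- a/resources/sql/autopatches/20181213.auth.01.sessionphid.sql
+++ b/resources/sql/autopatches/20181213.auth.01.sessionphid.sql
@@ -0,0 +1,2 @@
+ALTER TABLE {$NAMESPACE}_user.phabricator_session
+ADD phid VARBINARY(64) NOT NULL;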
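--- a/resources/sql/autopatches/20181213.auth.02.populatephid.php
+++ b/resources/sql/autopatches/20181213.auth.02.populatephid.php
@@ -0,0 +1,18 @@
+<?php
+
+$table = new PhabricatorAuthSession();
+$iterator = new LiskMigrationIterator($table);
+$conn = $table->establishConnection('w');
+
+foreach ($iterator as $session) {
+if (strlen($session->getPHID())) {
+continue;
+}
+
+queryfx(
+$conn,
+'UPDATE %R SET phid = %s WHERE id = %d',
+$table,
+$session->generatePHID(),
+$session->getID());
+}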
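Review bot: Nothing here covers session rows that still hold an empty `phid` after this loop has passed them, and the next patch (`20181213.auth.03.phidkey.sql`) adds a unique key on that column. If a web process running the old code can still write sessions while the patches apply, more than one such row would presumably make the key creation fail, so the upgrade notes should say the web tier must be stopped first. The `strlen($session->getPHID())` guard is also what makes the migration safe to re-run after an interruption, and it deserves a comment saying so: `// Skip rows that already have a PHID so this patch can be re-run.`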
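--- a/resources/sql/autopatches/20181213.auth.03.phidkey.sql
+++ b/resources/sql/autopatches/20181213.auth.03.phidkey.sql
@@ -0,0 +1,2 @@
+ALTER TABLE {$NAMESPACE}_user.phabricator_session
+ADD UNIQUE KEY `key_phid` (phid);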
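--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2296,6 +2296,7 @@
 'PhabricatorAuthSessionEngineExtensionModule' => 'applications/auth/engine/PhabricatorAuthSessionEngineExtensionModule.php',
 'PhabricatorAuthSessionGarbageCollector' => 'applications/auth/garbagecollector/PhabricatorAuthSessionGarbageCollector.php',
 'PhabricatorAuthSessionInfo' => 'applications/auth/data/PhabricatorAuthSessionInfo.php',
+'PhabricatorAuthSessionPHIDType' => 'applications/auth/phid/PhabricatorAuthSessionPHIDType.php',
 'PhabricatorAuthSessionQuery' => 'applications/auth/query/PhabricatorAuthSessionQuery.php',
 'PhabricatorAuthSessionRevoker' => 'applications/auth/revoker/PhabricatorAuthSessionRevoker.php',
 'PhabricatorAuthSetPasswordController' => 'applications/auth/controller/PhabricatorAuthSetPasswordController.php',
@@ -7948,6 +7949,7 @@
 'PhabricatorAuthSessionEngineExtensionModule' => 'PhabricatorConfigModule',
 'PhabricatorAuthSessionGarbageCollector' => 'PhabricatorGarbageCollector',
 'PhabricatorAuthSessionInfo' => 'Phobject',
+'PhabricatorAuthSessionPHIDType' => 'PhabricatorPHIDType',
 'PhabricatorAuthSessionQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
 'PhabricatorAuthSessionRevoker' => 'PhabricatorAuthRevoker',
 'PhabricatorAuthSetPasswordController' => 'PhabricatorAuthController',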
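--- a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
+++ b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
@@ -119,6 +119,7 @@
 $conn_r,
 'SELECT
 s.id AS s_id,
+s.phid AS s_phid,
 s.sessionExpires AS s_sessionExpires,
 s.sessionStart AS s_sessionStart,
 s.highSecurityUntil AS s_highSecurityUntil,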
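--- a/src/applications/auth/phid/PhabricatorAuthSessionPHIDType.php
+++ b/src/applications/auth/phid/PhabricatorAuthSessionPHIDType.php
@@ -0,0 +1,34 @@
+<?php
+
+final class PhabricatorAuthSessionPHIDType
+extends PhabricatorPHIDType {
+
+const TYPECONST = 'SSSN';
+
+public function getTypeName() {
+return pht('Session');
+}
+
+public function newObject() {
+return new PhabricatorAuthSession();
+}
+
+public function getPHIDTypeApplicationClass() {
+return 'PhabricatorAuthApplication';
+}
+
+protected function buildQueryForObjects(
+PhabricatorObjectQuery $query,
+array $phids) {
+return id(new PhabricatorAuthSessionQuery())
+->withPHIDs($phids);
+}
+
+public function loadHandles(
+PhabricatorHandleQuery $query,
+array $handles,
+array $objects) {
+return;
+}
+
+}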
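Review bot: Registering this PHID type routes session lookups by PHID through `buildQueryForObjects()`, so who may load a session this way depends entirely on the policy checks behind `PhabricatorAuthSessionQuery` and `PhabricatorAuthSession`, which this file does not show. Please confirm that only the owning identity passes them. `loadHandles()` returns without populating anything, which looks deliberate but is undocumented; I would add `// Sessions have no user-facing name or URI, so handles are left unpopulated.` inside it.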
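--- a/src/applications/auth/query/PhabricatorAuthSessionQuery.php
+++ b/src/applications/auth/query/PhabricatorAuthSessionQuery.php
@@ -4,6 +4,7 @@
 extends PhabricatorCursorPagedPolicyAwareQuery {
 
 private $ids;
+private $phids;
 private $identityPHIDs;
 private $sessionKeys;
 private $sessionTypes;
@@ -28,19 +29,17 @@
 return $this;
 }
 
-protected function loadPage() {
-$table = new PhabricatorAuthSession();
-$conn_r = $table->establishConnection('r');
+public function withPHIDs(array $phids) {
+$this->phids = $phids;
+return $this;
+}
 
-$data = queryfx_all(
-$conn_r,
-'SELECT * FROM %T %Q %Q %Q',
-$table->getTableName(),
-$this->buildWhereClause($conn_r),
-$this->buildOrderClause($conn_r),
-$this->buildLimitClause($conn_r));
+public function newResultObject() {
+return new PhabricatorAuthSession();
+}
 
-return $table->loadAllFromArray($data);
+protected function loadPage() {
+return $this->loadStandardPage($this->newResultObject());
 }
 
 protected function willFilterPage(array $sessions) {
@@ -65,8 +64,8 @@
 return $sessions;
 }
 
-protected function buildWhereClause(AphrontDatabaseConnection $conn) {
-$where = array();
+protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
+$where = parent::buildWhereClauseParts($conn);
 
 if ($this->ids !== null) {
 $where[] = qsprintf(
@@ -75,6 +74,13 @@
 $this->ids);
 }
 
+if ($this->phids !== null) {
+$where[] = qsprintf(
+$conn,
+'phid IN (%Ls)',
+$this->phids);
+}
+
 if ($this->identityPHIDs !== null) {
 $where[] = qsprintf(
 $conn,
@@ -100,9 +106,7 @@
 $this->sessionTypes);
 }
 
-$where[] = $this->buildPagingClause($conn);
-
-return $this->formatWhereClause($conn, $where);
+return $where;
 }
 
 public function getQueryApplicationClass() {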
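--- a/src/applications/auth/storage/PhabricatorAuthSession.php
+++ b/src/applications/auth/storage/PhabricatorAuthSession.php
@@ -20,6 +20,7 @@
 protected function getConfiguration() {
 return array(
 self::CONFIG_TIMESTAMPS => false,
+self::CONFIG_AUX_PHID => true,
 self::CONFIG_COLUMN_SCHEMA => array(
 'type' => 'text32',
 'sessionKey' => 'bytes40',
@@ -72,6 +73,10 @@
 default:
 throw new Exception(pht('Unknown session type "%s".', $session_type));
 }
+}
+
+public function getPHIDType() {
+return PhabricatorAuthSessionPHIDType::TYPECONST;
 }
 
 public function isHighSecuritySession() {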
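Review bot: `getPHIDType()` has no comment, and it is the natural place to record that a session PHID is a reference identifier, not a credential. The commit description says the PHID exists so the planned challenge table can point at a session, while the `sessionKey` column in the schema above presumably remains the secret. I would add `// The PHID only identifies the session row; never accept it in place of the session key.` above the method. The class starts and ends outside both hunks.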