Aura\Session handler middleware
composer require vperyod/session-handler
See Aura\Session documentation.
<?php
// Create handler, optionally passing Aura\SessionFactory instance
$handler = new Vperyod\SessionHandler\SessionHandler($sessionFactory);
// Optionally set the `SessionAttribute`, the name of the attribute on which to
// store the `Session` in the `Request`. Defaults to 'aura/session:session'
$handler->setSessionAttribute('session');
// Add to your middleware stack, radar, relay, etc.
$stack->middleware($handler);
// Subsequest dealings with `Request` will have the `Session` instance available at
// the previous specified atribute
$session = $request->getAttribute('session');
// The `SessionRequestAwareTrait` should make dealings easier.
//
// Have all your objects that deal with the session attribute on the request use
// the `SessionRequestAwareTrait` and have your DI container use the setter, so that
// they all know where the session object is stored.
class MyMiddleware
{
use \Vperyod\SessionHandler\SessionRequestAwareTrait;
public function __invoke($request, $response, $next)
{
$session = $this->getSession($request);
// ... do stuff with session...
return $next($request, $response);
}
}
// Getting input for an action from a session
class MyInputExtractor
{
use \Vperyod\SessionHandler\SessionRequestAwareTrait;
public function __invoke($request)
{
return [
'session' => $this->getSession($request),
'data' => $request->getParsedBody()
];
}
}
// Flash messaging in a responder
class MyAbstractResponder
{
use \Vperyod\SessionHandler\SessionRequestAwareTrait;
//...
public function success()
{
$this->getSession($this->request)
->getSegment('My\\Messages')
->setFlash('message', 'You have Successfully Done Something!');
return $this->redirect();
}
public function renderView()
{
$messages = $this->getSession($this->request)
->getSegment('My\\Messages')
->getFlash('message');
$this->view->addData(['messages' => $messages]);
// ...
}
}use \Vperyod\SessionHandler\SessionHandler;
use \Vperyod\SessionHandler\CsrfHandler;
$csrfFail = function ($request, $response, $next) {
$response->getBody()->write('FAIL');
return $response;
}
$session = new SessionHandler();
$csrf = new CsrfHandler($csrfFail); // optionally pass a fail responder callable
$stack->middleware($session); // make sure sesison handler is first
$stack->middleware($csrf);
// SessionRequestAwareTrait will provide methods for passing CSRF info to View
class MyAbstractResponder
{
use SessionRequestAwareTrait;
public function renderView()
{
// ...
$this->view->addData(['csrf' => $this->getCsrfSpec()]);
// [
// 'type' => 'hidden',
// 'name' => '__csrf_token',
// 'value' => $csrfValue
// ]
// ...
}
}
// in view using aura/html
$this->input($this->csrf);