Packages/DigiComp.FlowSessionLock
2
0
Fork 0
Code Pull requests Releases Activity

Compare commits

base: Packages:9e3d1fd2aca8c5121f3f92e7a5acccaf7a023488
Branches Tags
Packages:master
Packages:feature/php-and-flow-migration
Packages:develop
Packages:version/2.x-dev
Packages:4.0.2
Packages:4.0.1
Packages:4.0.0
Packages:3.0.0
Packages:2.1.2
Packages:2.1.1
Packages:2.1.0
Packages:2.0.0
Packages:1.0.0
..
compare: Packages:aaacd95a065805c6bc35b3b27d10c262d6ab1661
Branches Tags
Packages:feature/php-and-flow-migration
Packages:develop
Packages:master
Packages:version/2.x-dev
Packages:4.0.2
Packages:4.0.1
Packages:4.0.0
Packages:3.0.0
Packages:2.1.2
Packages:2.1.1
Packages:2.1.0
Packages:2.0.0
Packages:1.0.0

No commits in common. "9e3d1fd2aca8c5121f3f92e7a5acccaf7a023488" and "aaacd95a065805c6bc35b3b27d10c262d6ab1661" have entirely different histories.
9e3d1fd2ac ... aaacd95a06

6 changed files with 30 additions and 52 deletions
Show stats Expand all files Collapse all files

7
.woodpecker/code-style.yml
View file

@ -1,7 +0,0 @@
pipeline:
code-style:
image: composer
commands:
- composer global config repositories.repo-name vcs https://git.digital-competence.de/Packages/php-codesniffer
- composer global require digicomp/php-codesniffer:@dev
- composer global exec -- phpcs --runtime-set ignore_warnings_on_exit 1 --standard=DigiComp Classes/ Tests/

7
Classes/Aspects/ReadOnlyAspect.php
View file

@ -4,7 +4,7 @@ declare(strict_types=1);
namespace DigiComp\FlowSessionLock\Aspects; namespace DigiComp\FlowSessionLock\Aspects;
use DigiComp\FlowSessionLock\Http\SessionLockRequestMiddleware; use DigiComp\FlowSessionLock\Http\SessionLockRequestComponent;
use Neos\Flow\Annotations as Flow; use Neos\Flow\Annotations as Flow;
use Neos\Flow\Aop\JoinPointInterface; use Neos\Flow\Aop\JoinPointInterface;
use Neos\Flow\Core\Bootstrap; use Neos\Flow\Core\Bootstrap;
@ -52,8 +52,9 @@ class ReadOnlyAspect
$this->readOnly = true; $this->readOnly = true;
/** @var Lock|null $lock */ /** @var Lock|null $lock */
$lock = $activeRequestHandler->getHttpRequest()->getAttribute( $lock = $activeRequestHandler->getComponentContext()->getParameter(
SessionLockRequestMiddleware::class . '.' . SessionLockRequestMiddleware::PARAMETER_NAME SessionLockRequestComponent::class,
SessionLockRequestComponent::PARAMETER_NAME
); );
if ($lock !== null) { if ($lock !== null) {
$this->logger->debug('SessionLock: Release, as this is marked read only.'); $this->logger->debug('SessionLock: Release, as this is marked read only.');

17
Classes/Http/SessionLockRequestMiddleware.php → Classes/Http/SessionLockRequestComponent.php
View file

@ -5,16 +5,14 @@ declare(strict_types=1);
namespace DigiComp\FlowSessionLock\Http; namespace DigiComp\FlowSessionLock\Http;
use Neos\Flow\Annotations as Flow; use Neos\Flow\Annotations as Flow;
use Psr\Http\Message\ResponseInterface; use Neos\Flow\Http\Component\ComponentContext;
use Psr\Http\Message\ServerRequestInterface; use Neos\Flow\Http\Component\ComponentInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
use Symfony\Component\Lock\Exception\LockAcquiringException; use Symfony\Component\Lock\Exception\LockAcquiringException;
use Symfony\Component\Lock\Key; use Symfony\Component\Lock\Key;
use Symfony\Component\Lock\LockFactory; use Symfony\Component\Lock\LockFactory;
class SessionLockRequestMiddleware implements MiddlewareInterface class SessionLockRequestComponent implements ComponentInterface
{ {
public const PARAMETER_NAME = 'sessionLock'; public const PARAMETER_NAME = 'sessionLock';
@ -57,13 +55,13 @@ class SessionLockRequestMiddleware implements MiddlewareInterface
/** /**
* @inheritDoc * @inheritDoc
*/ */
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface public function handle(ComponentContext $componentContext): void
{ {
$sessionCookieName = $this->sessionSettings['name']; $sessionCookieName = $this->sessionSettings['name'];
$cookies = $request->getCookieParams(); $cookies = $componentContext->getHttpRequest()->getCookieParams();
if (!isset($cookies[$sessionCookieName])) { if (!isset($cookies[$sessionCookieName])) {
return $handler->handle($request); return;
} }
// TODO: sessionIdentifier might be wrong, probably it should probably be storage identifier // TODO: sessionIdentifier might be wrong, probably it should probably be storage identifier
@ -71,7 +69,7 @@ class SessionLockRequestMiddleware implements MiddlewareInterface
$lock = $this->lockFactory->createLockFromKey($key, $this->timeToLive, $this->autoRelease); $lock = $this->lockFactory->createLockFromKey($key, $this->timeToLive, $this->autoRelease);
$request = $request->withAttribute(SessionLockRequestMiddleware::class . '.' . static::PARAMETER_NAME, $lock); $componentContext->setParameter(SessionLockRequestComponent::class, static::PARAMETER_NAME, $lock);
$this->logger->debug('SessionLock: Try to get "' . $key . '"'); $this->logger->debug('SessionLock: Try to get "' . $key . '"');
$timedOut = \time() + $this->secondsToWait; $timedOut = \time() + $this->secondsToWait;
@ -85,6 +83,5 @@ class SessionLockRequestMiddleware implements MiddlewareInterface
\usleep(100000); \usleep(100000);
} }
$this->logger->debug('SessionLock: Acquired "' . $key . '"'); $this->logger->debug('SessionLock: Acquired "' . $key . '"');
return $handler->handle($request);
} }
} }

8
Configuration/Settings.yaml
View file

@ -9,7 +9,9 @@ DigiComp:
Neos: Neos:
Flow: Flow:
http: http:
middlewares: chain:
preprocess:
chain:
lockSession: lockSession:
position: "before session" position: "before getSessionCookieFromRequest"
middleware: "DigiComp\\FlowSessionLock\\Http\\SessionLockRequestMiddleware" component: "DigiComp\\FlowSessionLock\\Http\\SessionLockRequestComponent"

24
Tests/Functional/SessionLockRequestComponentTest.php
View file

@ -4,7 +4,6 @@ namespace DigiComp\FlowSessionLock\Tests\Functional;
use DigiComp\FlowSessionLock\Tests\Functional\Fixtures\Controller\ExampleController; use DigiComp\FlowSessionLock\Tests\Functional\Fixtures\Controller\ExampleController;
use GuzzleHttp\Psr7\Uri; use GuzzleHttp\Psr7\Uri;
use Neos\Flow\Composer\ComposerUtility;
use Neos\Flow\Http\Cookie; use Neos\Flow\Http\Cookie;
use Neos\Flow\Mvc\Routing\Route; use Neos\Flow\Mvc\Routing\Route;
use Neos\Flow\Tests\FunctionalTestCase; use Neos\Flow\Tests\FunctionalTestCase;
@ -44,16 +43,16 @@ class SessionLockRequestComponentTest extends FunctionalTestCase
function ($allRequests, $oneRequest) { function ($allRequests, $oneRequest) {
self::assertGreaterThan(ExampleController::CONTROLLER_TIME, $oneRequest * 1000); self::assertGreaterThan(ExampleController::CONTROLLER_TIME, $oneRequest * 1000);
self::assertGreaterThan(ExampleController::CONTROLLER_TIME * 4, $allRequests * 1000); self::assertGreaterThan(ExampleController::CONTROLLER_TIME * 4, $allRequests * 1000);
}, }
], ],
[ [
'http://localhost/test/sessionlock/unprotectedbyannotation', 'http://localhost/test/sessionlock/unprotectedbyannotation',
$parallelChecker, $parallelChecker
], ],
[ [
'http://localhost/test/sessionlock/unprotectedbyconfiguration', 'http://localhost/test/sessionlock/unprotectedbyconfiguration',
$parallelChecker, $parallelChecker
], ]
]; ];
} }
@ -63,21 +62,18 @@ class SessionLockRequestComponentTest extends FunctionalTestCase
*/ */
public function itDoesNotAllowToEnterMoreThanOneWithTheSameSession(string $url, \Closure $checker): void public function itDoesNotAllowToEnterMoreThanOneWithTheSameSession(string $url, \Closure $checker): void
{ {
// Functional tests are currently broken, until a version containing
// https://github.com/neos/flow-development-collection/commit/bebfc4e6566bc4ba2ba28330344105adb2d6ada0
// gets released
$request = $this->serverRequestFactory $request = $this->serverRequestFactory
->createServerRequest('GET', new Uri($url)); ->createServerRequest('GET', new Uri($url));
$start = \microtime(true); $start = microtime(true);
$response = $this->browser->sendRequest($request); $response = $this->browser->sendRequest($request);
$neededForOne = \microtime(true) - $start; $neededForOne = microtime(true) - $start;
$sessionCookies = \array_map(static function ($cookie) { $sessionCookies = array_map(static function ($cookie) {
return Cookie::createFromRawSetCookieHeader($cookie); return Cookie::createFromRawSetCookieHeader($cookie);
}, $response->getHeader('Set-Cookie')); }, $response->getHeader('Set-Cookie'));
self::assertNotEmpty($sessionCookies); self::assertNotEmpty($sessionCookies);
$cookies = \array_reduce($sessionCookies, static function ($out, $cookie) { $cookies = array_reduce($sessionCookies, static function ($out, $cookie) {
$out[$cookie->getName()] = $cookie->getValue(); $out[$cookie->getName()] = $cookie->getValue();
return $out; return $out;
}, []); }, []);
@ -85,7 +81,7 @@ class SessionLockRequestComponentTest extends FunctionalTestCase
->createServerRequest('GET', new Uri($url)) ->createServerRequest('GET', new Uri($url))
->withCookieParams($cookies); ->withCookieParams($cookies);
$childs = []; $childs = [];
$start = \microtime(true); $start = microtime(true);
for ($i = 0; $i < 4; $i++) { for ($i = 0; $i < 4; $i++) {
$child = \pcntl_fork(); $child = \pcntl_fork();
if ($child === 0) { if ($child === 0) {
@ -97,7 +93,7 @@ class SessionLockRequestComponentTest extends FunctionalTestCase
foreach ($childs as $child) { foreach ($childs as $child) {
\pcntl_waitpid($child, $status); \pcntl_waitpid($child, $status);
} }
$neededForAll = \microtime(true) - $start; $neededForAll = microtime(true) - $start;
$checker($neededForAll, $neededForOne); $checker($neededForAll, $neededForOne);
} }

17
composer.json
View file

@ -3,7 +3,7 @@
"description": "Session locking for Neos Flow - it secures the session becoming corrupted by concurrent access to the same session by different requests", "description": "Session locking for Neos Flow - it secures the session becoming corrupted by concurrent access to the same session by different requests",
"type": "neos-package", "type": "neos-package",
"require": { "require": {
"neos/flow": "^7.3.0", "neos/flow": "^6.3.0",
"php": ">=7.4", "php": ">=7.4",
"symfony/lock": "^5.2.0" "symfony/lock": "^5.2.0"
}, },
@ -20,19 +20,8 @@
"package-key": "DigiComp.FlowSessionLock" "package-key": "DigiComp.FlowSessionLock"
}, },
"branch-alias": { "branch-alias": {
"dev-develop": "3.0.x-dev" "dev-develop": "2.0.x-dev"
}, }
"applied-flow-migrations": [
"Neos.SwiftMailer-20161130105617",
"Neos.Flow-20180415105700",
"Neos.Flow-20190425144900",
"Neos.Flow-20190515215000",
"Neos.Flow-20200813181400",
"Neos.Flow-20201003165200",
"Neos.Flow-20201109224100",
"Neos.Flow-20201205172733",
"Neos.Flow-20201207104500"
]
}, },
"authors": [ "authors": [
{ {