云策 WordPress 开发者社区

类文档

WP_User_Meta_Session_Tokens

查看官方原文 ↗
💡 云策文档标注

概述

WP_User_Meta_Session_Tokens 是一个基于用户元数据(usermeta)管理用户会话令牌的类,继承自 WP_Session_Tokens。它提供了会话的增删改查、批量操作和清理功能。

关键要点

  • 继承自 WP_Session_Tokens,用于处理用户会话令牌的存储和管理。
  • 核心方法包括获取会话(get_sessions、get_session)、更新会话(update_session、update_sessions)、销毁会话(destroy_all_sessions、destroy_other_sessions)以及全局清理(drop_sessions)。
  • 使用 get_user_meta 和 update_user_meta 在 usermeta 表中操作会话数据,确保数据持久化。
  • 支持会话验证器(verifier)作为键来标识和操作特定会话。

代码示例

protected function get_sessions() {
    $sessions = get_user_meta( $this->user_id, 'session_tokens', true );

    if ( ! is_array( $sessions ) ) {
        return array();
    }

    $sessions = array_map( array( $this, 'prepare_session' ), $sessions );
    return array_filter( $sessions, array( $this, 'is_still_valid' ) );
}
📄 原文内容

Meta-based user sessions token manager.

Description

See also

Methods

Name Description
WP_User_Meta_Session_Tokens::destroy_all_sessions Destroys all session tokens for the user.
WP_User_Meta_Session_Tokens::destroy_other_sessions Destroys all sessions for this user, except the single session with the given verifier.
WP_User_Meta_Session_Tokens::drop_sessions Destroys all sessions for all users.
WP_User_Meta_Session_Tokens::get_session Retrieves a session based on its verifier (token hash).
WP_User_Meta_Session_Tokens::get_sessions Retrieves all sessions of the user.
WP_User_Meta_Session_Tokens::prepare_session Converts an expiration to an array of session information.
WP_User_Meta_Session_Tokens::update_session Updates a session based on its verifier (token hash).
WP_User_Meta_Session_Tokens::update_sessions Updates the user’s sessions in the usermeta table.

Source

class WP_User_Meta_Session_Tokens extends WP_Session_Tokens {

	/**
	 * Retrieves all sessions of the user.
	 *
	 * @since 4.0.0
	 *
	 * @return array Sessions of the user.
	 */
	protected function get_sessions() {
		$sessions = get_user_meta( $this->user_id, 'session_tokens', true );

		if ( ! is_array( $sessions ) ) {
			return array();
		}

		$sessions = array_map( array( $this, 'prepare_session' ), $sessions );
		return array_filter( $sessions, array( $this, 'is_still_valid' ) );
	}

	/**
	 * Converts an expiration to an array of session information.
	 *
	 * @since 4.0.0
	 *
	 * @param mixed $session Session or expiration.
	 * @return array Session.
	 */
	protected function prepare_session( $session ) {
		if ( is_int( $session ) ) {
			return array( 'expiration' => $session );
		}

		return $session;
	}

	/**
	 * Retrieves a session based on its verifier (token hash).
	 *
	 * @since 4.0.0
	 *
	 * @param string $verifier Verifier for the session to retrieve.
	 * @return array|null The session, or null if it does not exist
	 */
	protected function get_session( $verifier ) {
		$sessions = $this->get_sessions();

		if ( isset( $sessions[ $verifier ] ) ) {
			return $sessions[ $verifier ];
		}

		return null;
	}

	/**
	 * Updates a session based on its verifier (token hash).
	 *
	 * @since 4.0.0
	 *
	 * @param string $verifier Verifier for the session to update.
	 * @param array  $session  Optional. Session. Omitting this argument destroys the session.
	 */
	protected function update_session( $verifier, $session = null ) {
		$sessions = $this->get_sessions();

		if ( $session ) {
			$sessions[ $verifier ] = $session;
		} else {
			unset( $sessions[ $verifier ] );
		}

		$this->update_sessions( $sessions );
	}

	/**
	 * Updates the user's sessions in the usermeta table.
	 *
	 * @since 4.0.0
	 *
	 * @param array $sessions Sessions.
	 */
	protected function update_sessions( $sessions ) {
		if ( $sessions ) {
			update_user_meta( $this->user_id, 'session_tokens', $sessions );
		} else {
			delete_user_meta( $this->user_id, 'session_tokens' );
		}
	}

	/**
	 * Destroys all sessions for this user, except the single session with the given verifier.
	 *
	 * @since 4.0.0
	 *
	 * @param string $verifier Verifier of the session to keep.
	 */
	protected function destroy_other_sessions( $verifier ) {
		$session = $this->get_session( $verifier );
		$this->update_sessions( array( $verifier => $session ) );
	}

	/**
	 * Destroys all session tokens for the user.
	 *
	 * @since 4.0.0
	 */
	protected function destroy_all_sessions() {
		$this->update_sessions( array() );
	}

	/**
	 * Destroys all sessions for all users.
	 *
	 * @since 4.0.0
	 */
	public static function drop_sessions() {
		delete_metadata( 'user', 0, 'session_tokens', false, true );
	}
}

View all references View on Trac View on GitHub

Uses Description
WP_Session_Tokenswp-includes/class-wp-session-tokens.php

Abstract class for managing user session tokens.

Changelog

Version Description
4.0.0 Introduced.