public function SessionManager::regenerate in Drupal 8

Same name and namespace in other branches

1. 9 core/lib/Drupal/Core/Session/SessionManager.php \Drupal\Core\Session\SessionManager::regenerate()
2. 10 core/lib/Drupal/Core/Session/SessionManager.php \Drupal\Core\Session\SessionManager::regenerate()

File

core/lib/Drupal/Core/Session/SessionManager.php, line 207

Class

SessionManager

Manages user sessions.

Namespace

Drupal\Core\Session

Code

public function regenerate($destroy = FALSE, $lifetime = NULL) {

  // Nothing to do if we are not allowed to change the session.
  if ($this
    ->isCli()) {
    return;
  }

  // We do not support the optional $destroy and $lifetime parameters as long
  // as #2238561 remains open.
  if ($destroy || isset($lifetime)) {
    throw new \InvalidArgumentException('The optional parameters $destroy and $lifetime of SessionManager::regenerate() are not supported currently');
  }
  if ($this
    ->isStarted()) {
    $old_session_id = $this
      ->getId();

    // Save and close the old session. Call the parent method to avoid issue
    // with session destruction due to the session being considered obsolete.
    parent::save();

    // Ensure the session is reloaded correctly.
    $this->startedLazy = TRUE;
  }
  session_id(Crypt::randomBytesBase64());

  // We set token seed immediately to avoid race condition between two
  // simultaneous requests without a seed.
  $this
    ->getMetadataBag()
    ->setCsrfTokenSeed(Crypt::randomBytesBase64());
  if (isset($old_session_id)) {
    $params = session_get_cookie_params();
    $expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
    setcookie($this
      ->getName(), $this
      ->getId(), $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
    $this
      ->migrateStoredSession($old_session_id);
  }
  $this
    ->startNow();
}