You are here

public function SessionManager::start in Drupal 8

Same name and namespace in other branches
  1. 9 core/lib/Drupal/Core/Session/SessionManager.php \Drupal\Core\Session\SessionManager::start()

File

core/lib/Drupal/Core/Session/SessionManager.php, line 105

Class

SessionManager
Manages user sessions.

Namespace

Drupal\Core\Session

Code

public function start() {
  if (($this->started || $this->startedLazy) && !$this->closed) {
    return $this->started;
  }
  $request = $this->requestStack
    ->getCurrentRequest();
  $this
    ->setOptions($this->sessionConfiguration
    ->getOptions($request));
  if ($this->sessionConfiguration
    ->hasSession($request)) {

    // If a session cookie exists, initialize the session. Otherwise the
    // session is only started on demand in save(), making
    // anonymous users not use a session cookie unless something is stored in
    // $_SESSION. This allows HTTP proxies to cache anonymous pageviews.
    $result = $this
      ->startNow();
  }
  if (empty($result)) {

    // Randomly generate a session identifier for this request. This is
    // necessary because \Drupal\Core\TempStore\SharedTempStoreFactory::get()
    // wants to know the future session ID of a lazily started session in
    // advance.
    //
    // @todo: With current versions of PHP there is little reason to generate
    //   the session id from within application code. Consider using the
    //   default php session id instead of generating a custom one:
    //   https://www.drupal.org/node/2238561
    $this
      ->setId(Crypt::randomBytesBase64());

    // Initialize the session global and attach the Symfony session bags.
    $_SESSION = [];
    $this
      ->loadSession();

    // NativeSessionStorage::loadSession() sets started to TRUE, reset it to
    // FALSE here.
    $this->started = FALSE;
    $this->startedLazy = TRUE;
    $result = FALSE;
  }
  return $result;
}