WARNING: You are browsing the documentation for Symfony 2.1 which is not maintained anymore. Consider upgrading your projects to Symfony 4.1.

Session Proxy Examples

2.1 version
Unmaintained

Session Proxy Examples

The session proxy mechanism has a variety of uses and this example demonstrates two common uses. Rather than injecting the session handler as normal, a handler is injected into the proxy and registered with the session storage driver:

1
2
3
4
5
6
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
use Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionStorage;

$proxy = new YourProxy(new PdoSessionStorage());
$session = new Session(new NativeSessionStorage($proxy));

Below, you'll learn two real examples that can be used for YourProxy: encryption of session data and readonly guest session.

Encryption of Session Data

If you wanted to encrypt the session data, you could use the proxy to encrypt and decrypt the session as required:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;

class EncryptedSessionProxy extends SessionHandlerProxy
{
    private $key;

    public function __construct(\SessionHandlerInterface $handler, $key)
    {
        $this->key = $key;

        parent::__construct($handler);
    }

    public function read($id)
    {
        $data = parent::write($id, $data);

        return mcrypt_decrypt(\MCRYPT_3DES, $this->key, $data);
    }

    public function write($id, $data)
    {
        $data = mcrypt_encrypt(\MCRYPT_3DES, $this->key, $data);

        return parent::write($id, $data);
    }
}

Readonly Guest Sessions

There are some applications where a session is required for guest users, but there is no particular need to persist the session. In this case you can intercept the session before it writes:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
use Foo\User;
use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;

class ReadOnlyGuestSessionProxy extends SessionHandlerProxy
{
    private $user;

    public function __construct(\SessionHandlerInterface $handler, User $user)
    {
        $this->user = $user;

        parent::__construct($handler);
    }

    public function write($id, $data)
    {
        if ($this->user->isGuest()) {
            return;
        }

        return parent::write($id, $data);
    }
}

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.