WP_User_Meta_Session_Tokens

Meta-based user sessions token manager.

Defined (1)

The class is defined in the following location(s).

/wp-includes/session.php  
  1. class WP_User_Meta_Session_Tokens extends WP_Session_Tokens { 
  2.  
  3. /** 
  4. * Get all sessions of a user. 
  5. * @since 4.0.0 
  6. * @access protected 
  7. * @return array Sessions of a user. 
  8. */ 
  9. protected function get_sessions() { 
  10. $sessions = get_user_meta( $this->user_id, 'session_tokens', true ); 
  11.  
  12. if ( ! is_array( $sessions ) ) { 
  13. return array(); 
  14.  
  15. $sessions = array_map( array( $this, 'prepare_session' ), $sessions ); 
  16. return array_filter( $sessions, array( $this, 'is_still_valid' ) ); 
  17.  
  18. /** 
  19. * Converts an expiration to an array of session information. 
  20. * @param mixed $session Session or expiration. 
  21. * @return array Session. 
  22. */ 
  23. protected function prepare_session( $session ) { 
  24. if ( is_int( $session ) ) { 
  25. return array( 'expiration' => $session ); 
  26.  
  27. return $session; 
  28.  
  29. /** 
  30. * Retrieve a session by its verifier (token hash). 
  31. * @since 4.0.0 
  32. * @access protected 
  33. * @param string $verifier Verifier of the session to retrieve. 
  34. * @return array|null The session, or null if it does not exist 
  35. */ 
  36. protected function get_session( $verifier ) { 
  37. $sessions = $this->get_sessions(); 
  38.  
  39. if ( isset( $sessions[ $verifier ] ) ) { 
  40. return $sessions[ $verifier ]; 
  41.  
  42. return null; 
  43.  
  44. /** 
  45. * Update a session by its verifier. 
  46. * @since 4.0.0 
  47. * @access protected 
  48. * @param string $verifier Verifier of the session to update. 
  49. * @param array $session Optional. Session. Omitting this argument destroys the session. 
  50. */ 
  51. protected function update_session( $verifier, $session = null ) { 
  52. $sessions = $this->get_sessions(); 
  53.  
  54. if ( $session ) { 
  55. $sessions[ $verifier ] = $session; 
  56. } else { 
  57. unset( $sessions[ $verifier ] ); 
  58.  
  59. $this->update_sessions( $sessions ); 
  60.  
  61. /** 
  62. * Update a user's sessions in the usermeta table. 
  63. * @since 4.0.0 
  64. * @access protected 
  65. * @param array $sessions Sessions. 
  66. */ 
  67. protected function update_sessions( $sessions ) { 
  68. if ( $sessions ) { 
  69. update_user_meta( $this->user_id, 'session_tokens', $sessions ); 
  70. } else { 
  71. delete_user_meta( $this->user_id, 'session_tokens' ); 
  72.  
  73. /** 
  74. * Destroy all session tokens for a user, except a single session passed. 
  75. * @since 4.0.0 
  76. * @access protected 
  77. * @param string $verifier Verifier of the session to keep. 
  78. */ 
  79. protected function destroy_other_sessions( $verifier ) { 
  80. $session = $this->get_session( $verifier ); 
  81. $this->update_sessions( array( $verifier => $session ) ); 
  82.  
  83. /** 
  84. * Destroy all session tokens for a user. 
  85. * @since 4.0.0 
  86. * @access protected 
  87. */ 
  88. protected function destroy_all_sessions() { 
  89. $this->update_sessions( array() ); 
  90.  
  91. /** 
  92. * Destroy all session tokens for all users. 
  93. * @since 4.0.0 
  94. * @access public 
  95. * @static 
  96. */ 
  97. public static function drop_sessions() { 
  98. delete_metadata( 'user', 0, 'session_tokens', false, true );