时间戳

首页 > 解决方案 > 在 PHP 7.2 上使用 Symfony 会话的 `migrate` 方法会引发错误

php - 在 PHP 7.2 上使用 Symfony 会话的 `migrate` 方法会引发错误

问题描述

我们在 Symfony 应用程序上使用 Guard 身份验证器通过外部应用程序进行身份验证。在getCredentials我们AbstractGuardAuthenticator实现的方法中,我们使用migrateRequest 的 session 上的方法来刷新 session。

/**
 * Called on every request and refreshes the user's session.
 * Attempts to get credentials (i.e. a token) from a request:
 *      If a token is present, attempts to log a user in.  Continues to the getUser method.
 *      If there is no token a user is logged in, the request continues.
 *      If there is no token and there is no logged in user, sends the User to authenticate.
 *
 * @param Request $request The current request
 * @return array|null If there is a token present, it is returned in an array; otherwise null is returned
 */
public function getCredentials(Request $request)
{
    // Update the session lifetime
    // The migrate method regenerates the session to a new session id, but preserves
    // all attributes.  The first parameter is set to true so that the old session
    // is destroyed, and the second parameter resets the lifetime to 30 minutes.
    $request->getSession()->migrate(true, 30 * 60);

    // Check query params for token
    $token = $request->query->get('token');

    // When no token is provided:
    //  If user is logged in, skip authentication steps
    //  If no user is logged in, go to start method to authenticate
    if($token == null)
        return null;

    // Token provided, continue to getUser
    return ['token' => $token];
}

在 PHP 7.1 上运行时,这工作正常。根据文档,该migrate方法返回 true,表示迁移成功。在 PHP 7.2 上运行时,我收到此错误:

Symfony\Component\Debug\Exception\ContextErrorException:
Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time

at vendor\symfony\symfony\src\Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage.php:201
at Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage->regenerate(true, 1800)
    (vendor\symfony\symfony\src\Symfony\Component\HttpFoundation\Session\Session.php:185)
at Symfony\Component\HttpFoundation\Session\Session->migrate(true, 1800)
    (vendor\OrgOne\authentication-bundle\OrgOne\AuthenticationBundle\Security\TokenAuthenticator.php:55)
at OrgOne\AuthenticationBundle\Security\TokenAuthenticator->getCredentials(object(Request))
    (vendor\symfony\symfony\src\Symfony\Component\Security\Guard\Firewall\GuardAuthenticationListener.php:118)

我们应该如何使用migratePHP 7.2 中的方法或类似的东西?

标签: phpsymfonyphp-7.2

解决方案

我可以用 PHP 7.2.7 和 symfony 4.2 重现这种行为。

不带参数调用该migrate函数不会产生异常

$request->getSession()->migrate()

framework.yml然后将使用配置中指定的生命周期。所以你可以设置 cookie_lifetime 为 1800 (= 30 * 60)

framework:
    ...
    session:
        handler_id:  session.handler.native_file
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
        cookie_lifetime: 1800

推荐阅读