juliangorge
commented
4 years ago I've fixed it upgrading to Laminas MVC, this my new Module.php
`<?php
/**
- @see https://github.com/laminas-api-tools/api-tools-skeleton for the canonical source repository
- @copyright https://github.com/laminas-api-tools/api-tools-skeleton/blob/master/COPYRIGHT.md
- @license https://github.com/laminas-api-tools/api-tools-skeleton/blob/master/LICENSE.md New BSD License */
namespace Admin;
use Laminas\Mvc\MvcEvent; use Laminas\Mvc\Controller\AbstractActionController; use Admin\Controller\AuthController; use Admin\Service\AuthManager;
class Module { /**
-
This method returns the path to module.config.php file. */ public function getConfig() { return include DIR . '/../config/module.config.php'; }
public function onBootstrap(MvcEvent $event) { $app = $event->getParam('application');
// Get event manager. $eventManager = $event->getApplication()->getEventManager(); $sharedEventManager = $eventManager->getSharedManager(); // Register the event listener method. $sharedEventManager->attach(AbstractActionController::class, MvcEvent::EVENT_DISPATCH, [$this, 'onDispatch'], 100);}
/**
- Event listener method for the 'Dispatch' event. We listen to the Dispatch
- event to call the access filter. The access filter allows to determine if
- the current visitor is allowed to see the page or not. If he/she
- is not authorized and is not allowed to see the page, we redirect the user
-
to the login page. */ public function onDispatch(MvcEvent $event) { // Get controller and action to which the HTTP request was dispatched. $controller = $event->getTarget(); $controllerName = $event->getRouteMatch()->getParam('controller', null); $actionName = $event->getRouteMatch()->getParam('action', null);
// Convert dash-style action name to camel-case. $actionName = str_replace('-', '', lcfirst(ucwords($actionName, '-'))); // Get the instance of AuthManager service. $authManager = $event->getApplication()->getServiceManager()->get(AuthManager::class); // Execute the access filter on every controller except AuthController // (to avoid infinite redirect). if ($controllerName!=AuthController::class && !$authManager->filterAccess($controllerName, $actionName)) { $uri = $event->getApplication()->getRequest()->getUri(); $uri->setScheme(null)->setHost(null)->setPort(null)->setUserInfo(null); return $controller->redirect()->toRoute('login', [], ['query' => ['redirectUrl' => $uri->toString()]]); }else{ $sessionManager = $event->getApplication()->getServiceManager()->get('Zend\Session\SessionManager'); $this->forgetInvalidSession($sessionManager); }}
protected function forgetInvalidSession($sessionManager) { try { $sessionManager->start(); return; } catch (\Exception $e) { // } // Session validation failed: toast it and carry on.
// @codeCoverageIgnoreStart session_unset(); // @codeCoverageIgnoreEnd} }`
Hello there! I can see Users module (userdemo) is creating session data files everytime an user just connect to home page without login. If I debug, I see User's module is loaded before Application's module.
`<?php namespace User;
use Zend\Mvc\MvcEvent; use Zend\Mvc\Controller\AbstractActionController; use User\Controller\AuthController; use User\Service\AuthManager;
class Module { ... public function onBootstrap(MvcEvent $event) { // Get event manager. $eventManager = $event->getApplication()->getEventManager(); $sharedEventManager = $eventManager->getSharedManager(); // Register the event listener method. $sharedEventManager->attach(AbstractActionController::class, MvcEvent::EVENT_DISPATCH, [$this, 'onDispatch'], 100);
}
?>`
My module.config.php
`<?php return [ 'Zend\Navigation', 'Zend\Mvc\Plugin\FilePrg', 'Zend\Mvc\Plugin\FlashMessenger', 'Zend\Mvc\Plugin\Identity', 'Zend\Mvc\Plugin\Prg', 'Zend\Form', 'Zend\I18n', 'Zend\ServiceManager\Di', 'Zend\Db', 'Zend\Session', 'Zend\Router', 'Zend\Validator', 'DoctrineModule', 'DoctrineORMModule', 'ZendDeveloperTools', 'Application', 'Users' ];
?> `
How can I fixed this? Thank you!