vendor/shopware/storefront/Framework/Routing/StorefrontSubscriber.php line 424

  1.         if (!$session->isStarted()) {
  2.             $session->setName('session-');
  3.             $session->start();
  4.             $session->set('sessionId'$session->getId());
  5.         }
  6.         $salesChannelId $master->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID);
  7.         if ($salesChannelId === null) {
  8.             /** @var SalesChannelContext|null $salesChannelContext */
  9.             $salesChannelContext $master->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);
  10.             if ($salesChannelContext !== null) {
  11.                 $salesChannelId $salesChannelContext->getSalesChannel()->getId();
  12.             }
  13.         }
  14.         if ($this->shouldRenewToken($session$salesChannelId)) {
  15.             $token Random::getAlphanumericString(32);
  16.             $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN$token);
  17.             $session->set(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID$salesChannelId);
  18.         }
  19.         $master->headers->set(
  20.             PlatformRequest::HEADER_CONTEXT_TOKEN,
  21.             $session->get(PlatformRequest::HEADER_CONTEXT_TOKEN)
  22.         );
  23.     }
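  /**
   * Re-keys the storefront session with the context token carried by the login event.
   *
   * Delegates to updateSession() with its default $destroyOldSession = false: the session
   * id is regenerated on login, but the pre-login session record is not explicitly deleted.
   *
   * @param CustomerLoginEvent $event login event supplying the new context token
   */
  public function updateSessionAfterLogin(CustomerLoginEvent $event): void
  {
      $token = $event->getContextToken();
      $this->updateSession($token);
  }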
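  /**
   * Replaces the context token on logout and asks for the old session to be destroyed.
   *
   * A fresh 32-character token is generated so the logged-out browser no longer presents
   * the token that was bound to the customer.
   */
  public function updateSessionAfterLogout(): void
  {
      // NOTE(review): the token's unpredictability rests on Random::getAlphanumericString(),
      // which is not shown here; confirm it draws from a cryptographically secure source.
      $newToken = Random::getAlphanumericString(32);

      // true => the previous session is destroyed rather than left behind.
      $this->updateSession($newToken, true);
  }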
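  /**
   * Moves the main request's session to a fresh session id and binds $token to it.
   *
   * Returns without touching anything when there is no main request, when the request
   * is not flagged as a sales-channel request, or when it carries no session.
   *
   * @param string $token             context token written to the session and to the request headers
   * @param bool   $destroyOldSession forwarded to the session's migrate(); in Symfony's session API
   *                                  `false` leaves the previous session record to garbage collection
   *                                  instead of deleting it immediately
   */
  public function updateSession(string $token, bool $destroyOldSession = false): void
  {
      $master = $this->requestStack->getMainRequest();
      if (!$master) {
          return;
      }

      if (!$master->attributes->get(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
          return;
      }

      if (!$master->hasSession()) {
          return;
      }

      $session = $master->getSession();

      // Regenerate the session id before the new token is stored, so the token is never
      // attached to the id the client held before this call.
      $session->migrate($destroyOldSession);
      $session->set('sessionId', $session->getId());

      // Keep the session and the in-flight request in agreement about the active token.
      $session->set(PlatformRequest::HEADER_CONTEXT_TOKEN, $token);
      $master->headers->set(PlatformRequest::HEADER_CONTEXT_TOKEN, $token);
  }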
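  /**
   * Turns a CustomerNotLoggedInException on a sales-channel request into a redirect to the login page.
   *
   * The originally requested route is handed over as a route name ('redirectTo') plus its
   * JSON-encoded route parameters ('redirectParameters'), not as a URL.
   *
   * @param ExceptionEvent $event kernel exception event; a response is set only for the handled case
   *
   * @throws \JsonException when the route parameters cannot be JSON-encoded
   */
  public function customerNotLoggedInHandler(ExceptionEvent $event): void
  {
      if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
          return;
      }

      if (!$event->getThrowable() instanceof CustomerNotLoggedInException) {
          return;
      }

      $request = $event->getRequest();

      // NOTE(review): both values end up in the login URL's query string and are therefore
      // client-editable on the next request; the consumer (not shown here) should resolve
      // them through the router instead of treating them as a destination URL.
      $parameters = [
          'redirectTo' => $request->attributes->get('_route'),
          'redirectParameters' => json_encode($request->attributes->get('_route_params'), \JSON_THROW_ON_ERROR),
      ];

      $redirectResponse = new RedirectResponse($this->router->generate('frontend.account.login.page', $parameters));

      $event->setResponse($redirectResponse);
  }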
  /**
   * Answers the request with a temporary redirect to the maintenance page whenever the
   * maintenance-mode resolver says this request should be redirected.
   *
   * @param RequestEvent $event kernel request event; left untouched when no redirect is needed
   */
  public function maintenanceResolver(RequestEvent $event): void
  {
      $request = $event->getRequest();
      if (!$this->maintenanceModeResolver->shouldRedirect($request)) {
          return;
      }

      $maintenanceUrl = $this->router->generate('frontend.maintenance.page');

      // Temporary redirect, so clients do not cache the detour once maintenance ends.
      $event->setResponse(new RedirectResponse($maintenanceUrl, RedirectResponse::HTTP_TEMPORARY_REDIRECT));
  }
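  /**
   * Rejects XmlHttpRequest calls to storefront-scoped controllers unless the route opts in.
   *
   * A route opts in through the boolean request attribute 'XmlHttpRequest'. Closure
   * controllers and routes outside the storefront scope are not checked.
   *
   * Symfony's isXmlHttpRequest() is driven by the client-supplied X-Requested-With header,
   * so this is a guard against unintended page loads via XHR, not an access-control
   * boundary: a client that omits the header is never stopped here.
   *
   * @param ControllerEvent $event kernel controller event for the current request
   *
   * @throws AccessDeniedHttpException when an XHR call targets a storefront route that has not opted in
   */
  public function preventPageLoadingFromXmlHttpRequest(ControllerEvent $event): void
  {
      if (!$event->getRequest()->isXmlHttpRequest()) {
          return;
      }

      /** @var list<string> $scope */
      $scope = $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_ROUTE_SCOPE, []);
      // Strict comparison: only an exact scope-id match counts as a storefront route.
      if (!\in_array(StorefrontRouteScope::ID, $scope, true)) {
          return;
      }

      /** @var callable(): Response $controller */
      $controller = $event->getController();

      // happens if Controller is a closure
      if (!\is_array($controller)) {
          return;
      }

      $isAllowed = $event->getRequest()->attributes->getBoolean('XmlHttpRequest');
      if ($isAllowed) {
          return;
      }

      throw new AccessDeniedHttpException('PageController can\'t be requested via XmlHttpRequest.');
  }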
  101.     // used to switch session token - when the context token expired
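  /**
   * Re-keys the session when the resolved sales-channel context carries a different
   * token from the one the request came in with.
   *
   * Goes through updateSession() with its default arguments, so the session id is
   * migrated and the previous session record is not explicitly destroyed.
   *
   * @param SalesChannelContextResolvedEvent $event event exposing the used and the resolved token
   */
  public function replaceContextToken(SalesChannelContextResolvedEvent $event): void
  {
      $context = $event->getSalesChannelContext();

      // only update session if token expired and switched
      if ($event->getUsedToken() === $context->getToken()) {
          return;
      }

      $this->updateSession($context->getToken());
  }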
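  /**
   * Exposes hreflang data for the current route to the template as the 'hrefLang' parameter.
   *
   * Nothing is added when the request has no '_route' attribute.
   *
   * @param StorefrontRenderEvent $event render event whose template parameters are extended
   */
  public function addHreflang(StorefrontRenderEvent $event): void
  {
      $request = $event->getRequest();
      $route = $request->attributes->get('_route');

      if ($route === null) {
          return;
      }

      $routeParams = $request->attributes->get('_route_params', []);
      $salesChannelContext = $request->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);

      $parameter = new HreflangLoaderParameter($route, $routeParams, $salesChannelContext);
      $event->setParameter('hrefLang', $this->hreflangLoader->load($parameter));
  }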
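  /**
   * Passes the shop id to the template as 'appShopId' when at least one app is active.
   *
   * The parameter is left out, without raising an error, when no apps are active or when
   * the shop-id provider reports a changed app URL.
   *
   * @param StorefrontRenderEvent $event render event whose template parameters are extended
   */
  public function addShopIdParameter(StorefrontRenderEvent $event): void
  {
      if (!$this->activeAppsLoader->getActiveApps()) {
          return;
      }

      try {
          $shopId = $this->shopIdProvider->getShopId();
      } catch (AppUrlChangeDetectedException) {
          // Deliberate best effort: render the page without the shop id.
          return;
      }

      $event->setParameter('appShopId', $shopId);
  }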
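  /**
   * Builds the 'themeIconConfig' template parameter from the active theme's icon sets.
   *
   * Each icon pack maps to its path and to the theme name used as namespace. Nothing is
   * set when no theme name can be determined or the theme has no registered configuration.
   *
   * @param StorefrontRenderEvent $event render event whose template parameters are extended
   */
  public function addIconSetConfig(StorefrontRenderEvent $event): void
  {
      $request = $event->getRequest();

      // get name if theme is not inherited
      $theme = $request->attributes->get(SalesChannelRequest::ATTRIBUTE_THEME_NAME);

      if (!$theme) {
          // get theme name from base theme because for inherited themes the name is always null
          $theme = $request->attributes->get(SalesChannelRequest::ATTRIBUTE_THEME_BASE_NAME);
      }

      if (!$theme) {
          return;
      }

      $themeConfig = $this->themeRegistry->getConfigurations()->getByTechnicalName($theme);

      if (!$themeConfig) {
          return;
      }

      $iconConfig = [];
      foreach ($themeConfig->getIconSets() as $pack => $path) {
          $iconConfig[$pack] = [
              'path' => $path,
              'namespace' => $theme,
          ];
      }

      $event->setParameter('themeIconConfig', $iconConfig);
  }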
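  /**
   * Decides whether the session needs a newly generated context token.
   *
   * A new token is required when the session holds none or when no sales channel id is
   * known. When customers are bound to a sales channel (system config
   * 'core.systemWideLoginRegistration.isCustomerBoundToSalesChannel'), a token is also
   * renewed once the session's stored sales channel id differs from the current one, so a
   * token issued for one sales channel is not carried over to another.
   *
   * @param SessionInterface $session        session holding the current token and sales channel id
   * @param string|null      $salesChannelId sales channel id of the current request, if known
   *
   * @return bool true when a new token must be generated
   */
  private function shouldRenewToken(SessionInterface $session, ?string $salesChannelId = null): bool
  {
      if (!$session->has(PlatformRequest::HEADER_CONTEXT_TOKEN) || $salesChannelId === null) {
          return true;
      }

      if ($this->systemConfigService->get('core.systemWideLoginRegistration.isCustomerBoundToSalesChannel')) {
          // Strict comparison: a missing stored id (null) never equals a concrete id.
          return $session->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_ID) !== $salesChannelId;
      }

      return false;
  }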
  170. }