src/Handler/SessionIdleHandler.php line 56
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationChecker;
final class SessionIdleHandler
{
public function __construct(
private TokenStorageInterface $tokenStorage,
private RouterInterface $router,
private AuthorizationChecker $authorizationChecker,
private int $maxIdleTime = 0
) {
}
public function onKernelRequest(RequestEvent $event): void
{
if (HttpKernelInterface::MAIN_REQUEST != $event->getRequestType()) {
return;
}
if ($this->maxIdleTime > 0) {
$session = $event->getRequest()->getSession();
$session->start();
$lapse = time() - $session->getMetadataBag()->getLastUsed();
if ($lapse > $this->maxIdleTime && $this->authorizationChecker->isGranted('ROLE_USER')) {
$this->tokenStorage->setToken();
$event->setResponse(
new RedirectResponse(
$this->router->generate(
'security_login',
['session_idle' => true]
)
)
);
}
}
}
}