Manual:Hooks/SessionMetadata

Details

 * $backend: being saved.
 * &$metadata: Array of metadata to be stored. Add new keys here. Must be serializable.
 * $requests: Array of potentially being saved to. Generally 0-1 real request and 0+.

Allows adding extra metadata to the session. The metadata can be used to invalidate the session via the hook (e.g. to tie sessions to IPs, one could add the IP address in SessionMetadata and check it against the actual IP address of the request in SessionCheckInfo). Changing existing keys is not allowed.

A adding metadata for its own session does not need this hook; it should instead pass the metadata to the SessionInfo constructor, or call , or use its   or   methods (which will be called on every request) to update existing metadata.

The default keys in  are:
 * (string) - the classname of the SessionProvider
 * (array|null) - metadata from the provider
 * (int)
 * (string)
 * (string)
 * (bool) - "remember me" flag for this session
 * (bool) - whether the user should be forced to use HTTPS.
 * (int) - time of expiry as a Unix timestamp
 * (int|null) - Unix timestamp of when the user logged out (for a session that's anonymous but was logged-in earlier)
 * (bool) - whether the session is persisted (ie. the next request from the client will be recognized as belonging to the same session). Typically this means whether the session cookie has been set (or at least added to the current response).