
Commit 5eefeb5

Browse files
committed
[Hash] Improve user hash change detection during request by comparing it at the end
1 parent b4285c5 commit 5eefeb5

1 file changed

+15
-8
lines changed


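--- a/src/EventListener/UserContextListener.php
+++ b/src/EventListener/UserContextListener.php
@@ -78,9 +78,9 @@ class UserContextListener implements EventSubscriberInterface
     private $hasSessionListener;
 
     /**
-     * @var string
+     * @var bool
      */
-    private $hash;
+    private $wasAnonymous;
 
     /**
      * Used to exclude anonymous requests (no authentication nor session) from user hash sanity check.
@@ -138,12 +138,12 @@ public function onKernelRequest(UserContextRequestEvent $event)
 
         $request = $event->getRequest();
         if (!$this->requestMatcher->matches($request)) {
-            if ($event->getRequest()->headers->has($this->options['user_hash_header'])
-                && !$this->isAnonymous($event->getRequest())
-            ) {
-                $this->hash = $this->hashGenerator->generateHash();
+            if ($request->headers->has($this->options['user_hash_header'])) {
+                // Keep track of if user is anonymous when we have user hash header in request
+                $this->wasAnonymous = $this->isAnonymous($request);
             }
 
+            // Return early if request is not a hash lookup
             return;
         }
 
@@ -202,11 +202,18 @@ public function onKernelResponse(UserContextResponseEvent $event)
 
         $response = $event->getResponse();
         $request = $event->getRequest();
-
         $vary = $response->getVary();
 
         if ($request->headers->has($this->options['user_hash_header'])) {
-            if (null !== $this->hash && $this->hash !== $request->headers->get($this->options['user_hash_header'])) {
+            $requestHash = $request->headers->get($this->options['user_hash_header']);
+
+            // Generate hash to see if it might have changed during request if user was, or is "logged in" (session)
+            // But only needed if user was, or is, logged in
+            if (!$this->wasAnonymous || !$this->isAnonymous($request)) {
+                $hash = $this->hashGenerator->generateHash();
+            }
+
+            if (isset($hash) && $hash !== $requestHash) {
                 // hash has changed, session has most certainly changed, prevent setting incorrect cache
                 $response->setCache([
                     'max_age' => 0,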
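Review bot: `$this->wasAnonymous` is written in onKernelRequest but never reset, so the `!$this->wasAnonymous` test in the third hunk may read the value recorded for an earlier request handled by the same listener instance (a sub-request, or a runtime that keeps the kernel alive between requests), and on first use it is `null` rather than the `bool` the new docblock promises. A stale or null value only makes the hash regeneration run when it was not strictly needed, which is the fail-safe direction, but the comment above it says "only needed if user was, or is, logged in" and does not mention that the flag is per-instance state; whether this matters for requests the matcher accepts (where the flag is left untouched) depends on checks outside the hunk. Declaring it as `private $wasAnonymous = false;` and assigning `$this->wasAnonymous = false;` at the top of onKernelRequest keeps the documented type honest and makes the per-request lifetime explicit. Also, `isset($hash)` on a local that is only assigned inside the `if` is clearer as `$hash = null;` before the condition and `null !== $hash && $hash !== $requestHash` in the comparison. Both onKernelRequest and onKernelResponse continue outside their hunks.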
