Skip to content

[HttpFoundation] Deprecate Request::getSession() when Request::hasSession() is false #9625

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed

[HttpFoundation] Deprecate Request::getSession() when Request::hasSession() is false #9625

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ed08a59
deprecating getSession() call when no hasSession()
Apr 20, 2018
82a875a
update code examples using getSession()
Apr 20, 2018
b312191
code review changes
Apr 20, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions components/http_foundation.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,13 @@ the
method tells you if the request contains a session which was started in one of
the previous requests.

.. versionadded:: 4.1

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the blank line must be removed

Using :method:`Symfony\\Component\\HttpFoundation\\Request::getSession()` when no session
has been set, was deprecated in Symfony 4.1. It will throw an exception in
Symfony 5.0 when session is null.
Use :method:`Symfony\\Component\\HttpFoundation\\Request::hasSession()` instead.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would this reword to say something like "Check for an existing session first by calling Request::hasSession()."


Accessing ``Accept-*`` Headers Data
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Expand Down
6 changes: 4 additions & 2 deletions security/form_login.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -444,7 +444,9 @@ remove this variable, it's better to use the
// ...
use Symfony\Component\Security\Http\Util\TargetPathTrait;

$targetPath = $this->getTargetPath($request->getSession(), $providerKey);
$session = $request->hasSession() ? $request->getSession() : throw_no_session_exception();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not convinced we should throw an exception here. Not having a session looks valid to me and we should then just use the empty value as the target path IMO.


$targetPath = $this->getTargetPath($session, $providerKey);

// equivalent to:
// $targetPath = $request->getSession()->get('_security.'.$providerKey.'.target_path');
// $targetPath = $session->get('_security.'.$providerKey.'.target_path');
14 changes: 9 additions & 5 deletions security/impersonating_user.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -209,11 +209,15 @@ you switch users, add an event subscriber on this event::
{
public function onSwitchUser(SwitchUserEvent $event)
{
$event->getRequest()->getSession()->set(
'_locale',
// assuming your User has some getLocale() method
$event->getTargetUser()->getLocale()
);
$request = $event->getRequest();

if ($request->hasSession() && ($session = $request->getSession)) {
$session->set(
'_locale',
// assuming your User has some getLocale() method
$event->getTargetUser()->getLocale()
);
}
}

public static function getSubscribedEvents()
Expand Down