diff --git a/core/lib/Drupal/Core/Session/SessionHandler.php b/core/lib/Drupal/Core/Session/SessionHandler.php
index 0d6f48a..d8b3789 100644
--- a/core/lib/Drupal/Core/Session/SessionHandler.php
+++ b/core/lib/Drupal/Core/Session/SessionHandler.php
@@ -64,10 +64,8 @@ public function read($sid) {
 }
 else {
 // Read the session data from the database.
- $query = $this->connection->select('sessions', 's')
- ->fields('s', ['session'])
- ->condition('sid', Crypt::hashBase64($sid))
- ->execute();
+ $query = $this->connection
+ ->queryRange('SELECT session FROM {sessions} WHERE sid = :sid', 0, 1, ['sid' => Crypt::hashBase64($sid)]);
 return (string) $query->fetchField();
 }
 }
diff --git a/core/lib/Drupal/Core/Authentication/Provider/Cookie.php b/core/modules/user/src/Authentication/Provider/Cookie.php
similarity index 81%
rename from core/lib/Drupal/Core/Authentication/Provider/Cookie.php
rename to core/modules/user/src/Authentication/Provider/Cookie.php
index 913cc57..35f1f8a 100644
--- a/core/lib/Drupal/Core/Authentication/Provider/Cookie.php
+++ b/core/modules/user/src/Authentication/Provider/Cookie.php
@@ -2,10 +2,10 @@
 /**
 * @file
- * Contains \Drupal\Core\Authentication\Provider\Cookie.
+ * Contains \Drupal\user\Authentication\Provider\Cookie.
 */
-namespace Drupal\Core\Authentication\Provider;
+namespace Drupal\user\Authentication\Provider;
 use Drupal\Core\Authentication\AuthenticationProviderInterface;
 use Drupal\Core\Database\Connection;
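Review bot: In SessionHandler::read() the new queryRange() call keys its argument as `['sid' => ...]`, without the leading colon that the other rewritten queries in this patch use (`':uid'`). Whether a colon-less key binds to `:sid` appears to depend on the database driver, and this is the lookup every session-bearing request goes through, so a driver that rejects it would leave sessions unreadable. Key it the same way as the rest: `[':sid' => Crypt::hashBase64($sid)]`. read() starts outside the hunk.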
@@ -76,11 +76,15 @@ public function authenticate(Request $request) {
 * The current user object.
 */
 protected function getUserFromSession(SessionInterface $session) {
- $values = $this->connection->select('users_field_data', 'u')
- ->fields('u')
- ->condition('default_langcode', 1)
- ->condition('uid', $session->get('uid'))
- ->execute()
+ $uid = $session->get('uid');
+ if (empty($uid)) {
+ // Do not disturb database for anonymous users.
+ return new AnonymousUserSession();
+ }
+
+ // @todo Load User entity in handler https://www.drupal.org/node/2345611
+ $values = $this->connection
+ ->query('SELECT * FROM {users_field_data} WHERE uid = :uid AND default_langcode = 1', [':uid', $session->get('uid')])
 ->fetchAssoc();
 if ($values && $values['uid'] > 0 && $values['status'] == 1) {
@@ -91,10 +95,8 @@ protected function getUserFromSession(SessionInterface $session) {
 // We found the client's session record and they are an authenticated,
 // active user.
- $rids = $this->connection->select('user__roles', 'ur')
- ->fields('ur', ['rid' => 'roles_target_id'])
- ->condition('entity_id', $values['uid'])
- ->execute()
+ $rids = $this->connection
+ ->query('SELECT roles_target_id FROM {user__roles} WHERE entity_id = :uid', [':uid' => $values['uid']])
 ->fetchCol();
 // Add user's roles.
 $values['roles'] = array_merge([AccountInterface::AUTHENTICATED_ROLE], $rids);
diff --git a/core/modules/user/src/EventSubscriber/UserRequestSubscriber.php b/core/modules/user/src/EventSubscriber/UserRequestSubscriber.php
index 520c727..2dd73b0 100644
--- a/core/modules/user/src/EventSubscriber/UserRequestSubscriber.php
+++ b/core/modules/user/src/EventSubscriber/UserRequestSubscriber.php
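Review bot: In Cookie::getUserFromSession() the arguments array of the new users_field_data query is written `[':uid', $session->get('uid')]`, with a comma where `=>` is needed, so it is a two-element list and the `:uid` placeholder is never bound by name. Since this is the lookup that turns a session into an account, the query will presumably fail or mis-bind for every logged-in request instead of returning the user row. Use the value already read into `$uid`: `[':uid' => $uid]`. The roles query in the `@@ -91,10 +95,8 @@` hunk already has the correct `[':uid' => $values['uid']]` form. The function body continues outside the hunk.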
@@ -65,7 +65,9 @@ public function onKernelTerminate(PostResponseEvent $event) {
 * {@inheritdoc}
 */
 public static function getSubscribedEvents() {
- // Should go before other subscribers start to write their caches.
+ // Should go before other subscribers start to write their caches. And
+ // specifically before \Drupal\Core\EventSubscriber\KernelDestructionSubscriber
+ // to prevent instantiation of destructed services.
 $events[KernelEvents::TERMINATE][] = ['onKernelTerminate', 300];
 return $events;
 }
diff --git a/core/modules/user/user.services.yml b/core/modules/user/user.services.yml
index 5a5bb61..0a55b6e 100644
--- a/core/modules/user/user.services.yml
+++ b/core/modules/user/user.services.yml
@@ -16,7 +16,7 @@ services:
 tags:
 - { name: access_check, applies_to: _user_is_logged_in }
 authentication.cookie:
- class: Drupal\Core\Authentication\Provider\Cookie
+ class: Drupal\user\Authentication\Provider\Cookie
 arguments: ['@session_configuration', '@database']
 tags:
 - { name: authentication_provider, priority: 0 }