Sessions #976

mt-omarov · 2024-04-02T20:06:25Z

Sessions

This PR adds a simple implementation of php sessions in KPHP.

Implemented functions

session_start()
session_abort()
session_commit()
session_write_close()
session_gc()
session_status()
session_encode()
session_decode()
session_get_cookie_params()
session_id()
session_reset()
session_unset()

Supported options

save_path
name
gc_probability
gc_divisor
gc_maxlifetime
cookie_lifetime
cookie_path
cookie_domain
cookie_secure
cookie_httponly
cookie_samesite
use_strict_mode
sid_length
lazy_write

Problems

Storing open session variables within a single worker.
A simple implementation should avoid handling interprocessor states. This means that the standard ways of storing variables in a cpp file cannot be used.
Blocking session files.
It is possible situation of simultaneous attempt to write/read one session from different requests. This means that it is necessary to queue such workers in some way, as php also does.
Deleting session files.
The difficulty of deleting files follows from the problem above, since it is important to avoid locking workers.

Solutions and methods

Memory
Using superglobals to store session states within a single worker. Variables such as v$_COOKIE have their own memory per worker, so an additional array created using the same rules as v$_SESSION is used to avoid inter-processor states.
Blocking sessions
The lockf() function with exclusive blocking F_LOCK is used to block workers.
Extra attributes and file deletion
Еo avoid unnecessary reading of certain data from files, tags (getxattr, setxattr) from <sys/xattr.h> are used that store frequently used information in the form of metadata to the file. Tags are used to store the life duration of the session (gc_maxlifetime) and the status of the confirmation that the document is a session (to distinguish the session from other documents).
Session id generation
To generate a reliable sequence of a given length random_bytes() is used together with bin2hex().

Tests

Interprocessor conflicts
To test the blocking of workers as processes with multiple requests to a single file, the php project JobWorkers from kphp-snippets is used. The test results are located on a separate branch in the form of github action test.
Confirmation of the blocking of workers can be seen in the sections Send a request to the server and Read logs.
cpp tests
Tests were written to demonstrate the correct operation of individual functions.

TO-DO

add a check to see if headers have already been sent before the session starts: requires headers_sent(https://www.php.net/manual/en/function.headers-sent.php)
add implementations: session_destroy(), session_sek_cookie_params(), session_register_shutdown(), session_regenerate_id(), session_create_id()
change the way session options are stored, implement an analog of a php.ini file: currently, options are stored in runtime, so they need to be passed every time session_start() is called

1. Define session class. 2. Define the basic structure of the basic functions. 3. Write the abstract logic of reading and writing session files with the stream and serialize functions.

…functions and simple logic for working with extra attributes for session files.

- add aliases with macros: getxattr(), setxattr() -> get_tag(), set_tag(), - change flock() -> fcntl() with F_SETLKW, - add an additional check for the validity of file descriptor in session_close()

- session_id(), - session_start(), - session_status()

…rite()

…nto andreylzmw/runtime_light_ci

…L in getenv()

- add the resetting logic of fd before deleting files from dir, - change mode of session files from 0777 to 0666, - add new tag to filter session files from other files in session_gc().

…ay arg

mt-omarov and others added 13 commits March 19, 2024 16:31

Add global _SESSION variable

ebe3c8c

Define sessions

6b2f3a6

1. Define session class. 2. Define the basic structure of the basic functions. 3. Write the abstract logic of reading and writing session files with the stream and serialize functions.

Add sessions to compilation target

362fbd1

Stage non-working version of sessions

14fa559

Add new global array for session handler

0774419

Change the session_start() arguments

efa217d

Implement basic functions of sessions: session_start, session_read

c0bf684

Refactor the code: add aliases for array keys. Implement other basic …

e6a6894

…functions and simple logic for working with extra attributes for session files.

Add session_id function for output id

5e04548

Add first php test

33764f1

init

718951b

temporaly disable buster build die to sury issue

5db00ea

Add session_id(), hide session_destroy()

a2d8afb

mt-omarov force-pushed the sessions branch from a7495d9 to e378918 Compare July 10, 2024 10:23

andarut and others added 3 commits July 10, 2024 20:59

update

c42a920

Fix tags, change flock, add macros

08c5a04

- add aliases with macros: getxattr(), setxattr() -> get_tag(), set_tag(), - change flock() -> fcntl() with F_SETLKW, - add an additional check for the validity of file descriptor in session_close()

Add cpp-tests (within single process (worker))

b2ecb61

- session_id(), - session_start(), - session_status()

mt-omarov force-pushed the sessions branch from e378918 to b2ecb61 Compare July 10, 2024 20:26

mt-omarov and others added 12 commits July 12, 2024 15:32

Add unlock fcntl to the session_close() and rewind logic in session_w…

bab9c4e

…rite()

focal+gcc-10 and buster+clang

99b437f

Merge branch 'master' into andreylzmw/runtime_light_ci

3ece261

resolve

318cfda

init

7aaf62d

temporaly disable buster build die to sury issue

66c040f

update

ddc5272

focal+gcc-10 and buster+clang

78bee1f

resolve

a931aa6

resolve

ef02515

continue

5f9c6b6

continue

1f6928c

andarut and others added 25 commits July 17, 2024 15:58

fix conditions

f5a4edd

fix conditions

8d194f1

try fix cache

6c49565

light runtime fpic

bf88ac2

cleanup

e8fd52f

Merge branch 'andreylzmw/runtime_light_ci' of github.com:VKCOM/kphp i…

1ec1a02

…nto andreylzmw/runtime_light_ci

format code

32d1a24

remove less - in dry-run

92ccc80

fix macos gh build

4675969

remove -Wno-unused-result flag

937d928

Merge master

4dcc3d6

Add resetting the session status in session_close(), add check on NUL…

4f6d311

…L in getenv()

Merge branch 'runtime_light_ci' into sessions

ad4307c

Fix session_gc(), change mode of session files

c08969a

- add the resetting logic of fd before deleting files from dir, - change mode of session files from 0777 to 0666, - add new tag to filter session files from other files in session_gc().

Replace fcntl() logic with lockf() for blocking workers

6dc5241

Add SameSite cookie option, implement new setcookie function with arr…

8d4ad55

…ay arg

Add session.use_strict_mode option

c17cda3

Add session_destroy() function

1407551

Add session.sid_length option, add a check to mkdir() in session_open()

37ff87d

Add session.lazy_write option

007e55b

Add session_reset(), session_save_path(), session_unset()

d813b1a

Delete undue php file

be0f21a

Hide session_destroy()

27aef61

Update cpp tests

e8333e9

Add to-do list

4efbde7

mt-omarov marked this pull request as ready for review July 25, 2024 09:42

mt-omarov requested a review from a team as a code owner July 25, 2024 09:42

nevermort previously approved these changes Jul 31, 2024

View reviewed changes

Merge master

fa4fe66

mt-omarov dismissed nevermort’s stale review via fa4fe66 September 13, 2024 11:51

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sessions #976

Sessions #976

mt-omarov commented Apr 2, 2024 •

edited

Loading

Sessions #976

Are you sure you want to change the base?

Sessions #976

Conversation

mt-omarov commented Apr 2, 2024 • edited Loading

Sessions

Implemented functions

Supported options

Problems

Solutions and methods

Tests

TO-DO

mt-omarov commented Apr 2, 2024 •

edited

Loading