API Index — Namespaces, Packages, Reports, Indices
CoSessionManager
in package
Per-coroutine session lifecycle manager (coroutine / superglobals(false) mode).
Registered as the OpenSwoole onRequest handler in coroutine mode. For each
inbound request it:
- Creates a per-coroutine
RequestContext(G) instance and populates$g->openswoole_request/$g->openswoole_response/$g->zealphp_request/$g->zealphp_response. - Optionally starts a session (lazy — only when the client already holds a
PHPSESSIDcookie, unlessSessionStartMiddlewareis registered). - Invokes the PSR-15 middleware stack (
$this->middleware). - Writes and closes the session in the
finallyblock, then runs the per-request isolation resets forcoroutine-legacymode (zealphp_reset_request_rtcaches,zealphp_reset_request_statics,zealphp_reset_request_class_statics) whenApp::$silent_redeclareis active.
The session handler is resolved once per worker via
App::resolveActiveSessionHandler() from App::$session_handler:
null (default, unconfigured) → the inline file path (NOT auto-promoted to
TableSessionHandler — #295 preserves the historical file default);
'table' → TableSessionHandler (concurrent-safe; opt in explicitly);
'file' → FileSessionHandler;
'redis' → RedisSessionHandler;
or any \SessionHandlerInterface instance passed directly.
IMPORTANT: do not call session_start() / session_write_close() directly —
use the zeal_session_* uopz-overridden wrappers so state routes through
$g->session rather than the process-wide $_SESSION.
Table of Contents
Properties
- $idGenerator : string|callable
- Session-id generator: either a callable or the string name of a built-in
function such as
'session_create_id'. - $middleware : callable
- The PSR-15 middleware stack entry point (wrapped as a callable).
- $useCookies : bool
- Whether to read/write the session id via a cookie (
session.use_cookies). - $useOnlyCookies : bool
- Whether to refuse session ids passed in query-string (
session.use_only_cookies).
Methods
- __construct() : mixed
- Inject the middleware stack callable and session configuration.
- __invoke() : void
- Handle one HTTP request: set up
RequestContext, optionally start the session, invoke the middleware stack, then close the session and run per-request isolation resets in thefinallyblock. - safeForFunctionIsolation() : bool
- Returns
truewhen it is safe to runzealphp_process_state_clean().
Properties
$idGenerator
Session-id generator: either a callable or the string name of a built-in
function such as 'session_create_id'.
protected
string|callable
$idGenerator
$middleware
The PSR-15 middleware stack entry point (wrapped as a callable).
protected
callable
$middleware
$useCookies
Whether to read/write the session id via a cookie (session.use_cookies).
protected
bool
$useCookies
$useOnlyCookies
Whether to refuse session ids passed in query-string (session.use_only_cookies).
protected
bool
$useOnlyCookies
Methods
__construct()
Inject the middleware stack callable and session configuration.
public
__construct(callable $middleware[, string|callable $idGenerator = 'session_create_id' ][, bool|null $useCookies = null ][, bool|null $useOnlyCookies = null ]) : mixed
Parameters
- $middleware : callable
-
The PSR-15 stack entry point — called with
(ZealPHP\HTTP\Request, ZealPHP\HTTP\Response). - $idGenerator : string|callable = 'session_create_id'
-
Session-id generator; defaults to
'session_create_id'. - $useCookies : bool|null = null
-
Override
session.use_cookies;nullreads the ini. - $useOnlyCookies : bool|null = null
-
Override
session.use_only_cookies;nullreads the ini.
__invoke()
Handle one HTTP request: set up RequestContext, optionally start the
session, invoke the middleware stack, then close the session and run
per-request isolation resets in the finally block.
public
__invoke(Request $request, Response $response) : void
Called directly by OpenSwoole's onRequest event — do not call manually.
Parameters
- $request : Request
- $response : Response
safeForFunctionIsolation()
Returns true when it is safe to run zealphp_process_state_clean().
private
static safeForFunctionIsolation() : bool
The cleanup is unsafe when a Composer autoloader maps classes inside
App::$document_root — those lazily-loaded classes would have their
statics reset while the require_once cache still considers them loaded,
causing a mismatch on the next request. When such an autoloader is
detected, cleanup is skipped for the whole worker.