Contexts:
- How is the
\Magento\Security\Model\ResourceModel\AdminSessionInfo\Collection::updateActiveSessionsStatus()
implemented and used? - How is the
\Magento\Security\Model\AdminSessionsManager::createNewSession()
implemented and used?
Implementation
app/code/Magento/Security/Model/AdminSessionsManager.php
/**
* Handle all others active sessions according Sharing Account Setting
*
* @return $this
*/
public function processLogin()
{
$this->createNewSession();
$olderThen = $this->dateTime->gmtTimestamp() - $this->securityConfig->getAdminSessionLifetime();
if (!$this->securityConfig->isAdminAccountSharingEnabled()) {
$result = $this->createAdminSessionInfoCollection()->updateActiveSessionsStatus(
AdminSessionInfo::LOGGED_OUT_BY_LOGIN,
$this->getCurrentSession()->getUserId(),
$this->getCurrentSession()->getSessionId(),
$olderThen
);
if ($result) {
$this->getCurrentSession()->setIsOtherSessionsTerminated(true);
}
}
return $this;
}
The sole usage
It is only used from the security_admin_sessions_login
after
plugin to the \Magento\Backend\Model\Auth::login()
method: