UserStorage: removed BROWSER_CLOSED expiration reason [Closes nette/h…

…ttp#112]

readme.md

@@ -42,23 +42,20 @@ Simple, right?
 .[note]
 Logging in requires users to have cookies enabled - other methods are not safe!
 
-Besides logging the user out with the `logout()` method, it can be done automatically based on specified time interval or closing the browser window. For this configuration we have to call `setExpiration()` during the login process. As an argument, it takes a relative time in seconds, UNIX timestamp, or textual representation of time. The second argument specifies whether the user should be logged out when the browser is closed.
+Besides logging the user out with the `logout()` method, it can be done automatically based on specified time interval or closing the browser window. For this configuration we have to call `setExpiration()` during the login process. As an argument, it takes a relative time in seconds, UNIX timestamp, or textual representation of time.
 
 ```php
-// login expires after 30 minutes of inactivity or after closing browser
-$user->setExpiration('30 minutes', TRUE);
+// login expires after 30 minutes of inactivity
+$user->setExpiration('30 minutes');
 
 // login expires after two days of inactivity
-$user->setExpiration('2 days', FALSE);
-
-// login expires when a browser is closed, but not sooner (ie. without a time limit)
-$user->setExpiration(0, TRUE);
+$user->setExpiration('2 days');
 ```
 
 .[note]
 Expiration must be set to value equal or lower than the expiration of [sessions].
 
-The reason of last logout can be obtained by method `$user->getLogoutReason()`, which returns one of these constants: `IUserStorage::INACTIVITY` if time expired, `IUserStorage::BROWSER_CLOSED` when user has closed the browser or `IUserStorage::MANUAL` when the `logout()` method was called.
+The reason of last logout can be obtained by method `$user->getLogoutReason()`, which returns one of these constants: `IUserStorage::INACTIVITY` if time expired or `IUserStorage::MANUAL` when the `logout()` method was called.
 
 To make the example above work, we in fact have to create an object that verifies user's name and password. It's called **authenticator**. Its trivial implementation is the class [api:Nette\Security\SimpleAuthenticator], which in its constructor accepts an associative array:
 

src/Security/IUserStorage.php

@@ -14,13 +14,16 @@
 interface IUserStorage
 {
 	/** Log-out reason {@link IUserStorage::getLogoutReason()} */
-	const MANUAL = 0b0001,
-		INACTIVITY = 0b0010,
-		BROWSER_CLOSED = 0b0100;
+	const
+		MANUAL = 0b0001,
+		INACTIVITY = 0b0010;
 
 	/** Log-out behavior */
 	const CLEAR_IDENTITY = 0b1000;
 
+	/** @deprecated */
+	const BROWSER_CLOSED = 0b0100;
+
 	/**
 	 * Sets the authenticated status of this user.
 	 * @param  bool
@@ -49,7 +52,7 @@ function getIdentity();
 	/**
 	 * Enables log out from the persistent storage after inactivity.
 	 * @param  string|int|\DateTimeInterface number of seconds or timestamp
-	 * @param  int Log out when the browser is closed | Clear the identity from persistent storage?
+	 * @param  int Clear the identity from persistent storage?
 	 * @return void
 	 */
 	function setExpiration($time, $flags = 0);

src/Security/User.php

@@ -26,9 +26,12 @@ class User
 	use Nette\SmartObject;
 
 	/** @deprecated */
-	const MANUAL = IUserStorage::MANUAL,
-		INACTIVITY = IUserStorage::INACTIVITY,
-		BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
+	const
+		MANUAL = IUserStorage::MANUAL,
+		INACTIVITY = IUserStorage::INACTIVITY;
+
+	/** @deprecated */
+	const BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
 
 	/** @var string  default role for unauthenticated user */
 	public $guestRole = 'guest';
@@ -166,14 +169,14 @@ public function getAuthenticator($need = TRUE)
 	/**
 	 * Enables log out after inactivity.
 	 * @param  string|int|\DateTimeInterface number of seconds or timestamp
-	 * @param  bool  log out when the browser is closed?
-	 * @param  bool  clear the identity from persistent storage?
+	 * @param  int|bool  flag IUserStorage::CLEAR_IDENTITY
+	 * @param  bool  clear the identity from persistent storage? (deprecated)
 	 * @return static
 	 */
-	public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
+	public function setExpiration($time, $flags = NULL, $clearIdentity = FALSE)
 	{
-		$flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
-		$this->storage->setExpiration($time, $flags);
+		$clearIdentity = $clearIdentity || $flags === IUserStorage::CLEAR_IDENTITY;
+		$this->storage->setExpiration($time, $clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
 		return $this;
 	}