vendor/shopware/storefront/Framework/Cache/CacheResponseSubscriber.php line 70

  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Framework\Cache;
  5. use Shopware\Core\Checkout\Cart\Cart;
  6. use Shopware\Core\Checkout\Cart\SalesChannel\CartService;
  7. use Shopware\Core\Framework\Adapter\Cache\CacheStateSubscriber;
  8. use Shopware\Core\Framework\Event\BeforeSendResponseEvent;
  9. use Shopware\Core\Framework\Log\Package;
  10. use Shopware\Core\PlatformRequest;
  11. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextService;
  12. use Shopware\Core\System\SalesChannel\SalesChannelContext;
  13. use Shopware\Storefront\Framework\Routing\MaintenanceModeResolver;
  14. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  15. use Symfony\Component\HttpFoundation\Cookie;
  16. use Symfony\Component\HttpFoundation\Request;
  17. use Symfony\Component\HttpFoundation\Response;
  18. use Symfony\Component\HttpKernel\Event\RequestEvent;
  19. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  20. use Symfony\Component\HttpKernel\EventListener\AbstractSessionListener;
  21. use Symfony\Component\HttpKernel\KernelEvents;
  23. /**
  24.  * @internal
  25.  */
  26. #[Package('storefront')]
  27. class CacheResponseSubscriber implements EventSubscriberInterface
  28. {
  29.     final public const STATE_LOGGED_IN CacheStateSubscriber::STATE_LOGGED_IN;
  30.     final public const STATE_CART_FILLED CacheStateSubscriber::STATE_CART_FILLED;
  32.     final public const CURRENCY_COOKIE 'sw-currency';
  33.     final public const CONTEXT_CACHE_COOKIE 'sw-cache-hash';
  34.     final public const SYSTEM_STATE_COOKIE 'sw-states';
  35.     final public const INVALIDATION_STATES_HEADER 'sw-invalidation-states';
  37.     private const CORE_HTTP_CACHED_ROUTES = [
  38.         'api.acl.privileges.get',
  39.     ];
  41.     /**
  42.      * @internal
  43.      */
  44.     public function __construct(
  45.         private readonly CartService $cartService,
  46.         private readonly int $defaultTtl,
  47.         private readonly bool $httpCacheEnabled,
  48.         private readonly MaintenanceModeResolver $maintenanceResolver,
  49.         private readonly bool $reverseProxyEnabled,
  50.         private readonly ?string $staleWhileRevalidate,
  51.         private readonly ?string $staleIfError
  52.     ) {
  53.     }
  55.     /**
  56.      * @return array<string, string|array{0: string, 1: int}|list<array{0: string, 1?: int}>>
  57.      */
  58.     public static function getSubscribedEvents(): array
  59.     {
  60.         return [
  61.             KernelEvents::REQUEST => 'addHttpCacheToCoreRoutes',
  62.             KernelEvents::RESPONSE => [
  63.                 ['setResponseCache', -1500],
  64.                 ['setResponseCacheHeader'1500],
  65.             ],
  66.             BeforeSendResponseEvent::class => 'updateCacheControlForBrowser',
  67.         ];
  68.     }
  70.     public function addHttpCacheToCoreRoutes(RequestEvent $event): void
  71.     {
  72.         $request $event->getRequest();
  73.         $route $request->attributes->get('_route');
  75.         if (\in_array($routeself::CORE_HTTP_CACHED_ROUTEStrue)) {
  76.             $request->attributes->set(PlatformRequest::ATTRIBUTE_HTTP_CACHEtrue);
  77.         }
  78.     }
  80.     public function setResponseCache(ResponseEvent $event): void
  81.     {
  82.         if (!$this->httpCacheEnabled) {
  83.             return;
  84.         }
  86.         $response $event->getResponse();
  88.         $request $event->getRequest();
  90.         $context $request->attributes->get(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT);
  92.         if (!$context instanceof SalesChannelContext) {
  93.             return;
  94.         }
  96.         if (!$this->maintenanceResolver->shouldBeCached($request)) {
  97.             return;
  98.         }
  100.         $route $request->attributes->get('_route');
  101.         if ($route === 'frontend.checkout.configure') {
  102.             $this->setCurrencyCookie($request$response);
  103.         }
  105.         $cart $this->cartService->getCart($context->getToken(), $context);
  107.         $states $this->updateSystemState($cart$context$request$response);
  109.         // We need to allow it on login, otherwise the state is wrong
  110.         if (!($route === 'frontend.account.login' || $request->getMethod() === Request::METHOD_GET)) {
  111.             return;
  112.         }
  114.         if ($context->getCustomer() || $cart->getLineItems()->count() > 0) {
  115.             $newValue $this->buildCacheHash($context);
  117.             if ($request->cookies->get(self::CONTEXT_CACHE_COOKIE'') !== $newValue) {
  118.                 $cookie Cookie::create(self::CONTEXT_CACHE_COOKIE$newValue);
  119.                 $cookie->setSecureDefault($request->isSecure());
  121.                 $response->headers->setCookie($cookie);
  122.             }
  123.         } elseif ($request->cookies->has(self::CONTEXT_CACHE_COOKIE)) {
  124.             $response->headers->removeCookie(self::CONTEXT_CACHE_COOKIE);
  125.             $response->headers->clearCookie(self::CONTEXT_CACHE_COOKIE);
  126.         }
  128.         /** @var bool|array{maxAge?: int, states?: list<string>}|null $cache */
  129.         $cache $request->attributes->get(PlatformRequest::ATTRIBUTE_HTTP_CACHE);
  130.         if (!$cache) {
  131.             return;
  132.         }
  134.         if ($cache === true) {
  135.             $cache = [];
  136.         }
  138.         if ($this->hasInvalidationState($cache['states'] ?? [], $states)) {
  139.             return;
  140.         }
  142.         $maxAge $cache['maxAge'] ?? $this->defaultTtl;
  144.         $response->setSharedMaxAge($maxAge);
  145.         $response->headers->addCacheControlDirective('must-revalidate');
  146.         $response->headers->set(
  147.             self::INVALIDATION_STATES_HEADER,
  148.             implode(','$cache['states'] ?? [])
  149.         );
  151.         if ($this->staleIfError !== null) {
  152.             $response->headers->addCacheControlDirective('stale-if-error'$this->staleIfError);
  153.         }
  155.         if ($this->staleWhileRevalidate !== null) {
  156.             $response->headers->addCacheControlDirective('stale-while-revalidate'$this->staleWhileRevalidate);
  157.         }
  158.     }
  160.     public function setResponseCacheHeader(ResponseEvent $event): void
  161.     {
  162.         if (!$this->httpCacheEnabled) {
  163.             return;
  164.         }
  166.         $response $event->getResponse();
  168.         $request $event->getRequest();
  170.         /** @var bool|array{maxAge?: int, states?: list<string>}|null $cache */
  171.         $cache $request->attributes->get(PlatformRequest::ATTRIBUTE_HTTP_CACHE);
  172.         if (!$cache) {
  173.             return;
  174.         }
  176.         $response->headers->set(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER'1');
  177.     }
  179.     /**
  180.      * In the default HttpCache implementation the reverse proxy cache is implemented too in PHP and triggered before the response is send to the client. We don't need to send the "real" cache-control headers to the end client (browser/cloudflare).
  181.      * If a external reverse proxy cache is used we still need to provide the actual cache-control, so the external system can cache the system correctly and set the cache-control again to
  182.      */
  183.     public function updateCacheControlForBrowser(BeforeSendResponseEvent $event): void
  184.     {
  185.         if ($this->reverseProxyEnabled) {
  186.             return;
  187.         }
  189.         $response $event->getResponse();
  191.         $noStore $response->headers->getCacheControlDirective('no-store');
  193.         // We don't want that the client will cache the website, if no reverse proxy is configured
  194.         $response->headers->remove('cache-control');
  195.         $response->setPrivate();
  197.         if ($noStore) {
  198.             $response->headers->addCacheControlDirective('no-store');
  199.         } else {
  200.             $response->headers->addCacheControlDirective('no-cache');
  201.         }
  202.     }
  204.     /**
  205.      * @param list<string> $cacheStates
  206.      * @param list<string> $states
  207.      */
  208.     private function hasInvalidationState(array $cacheStates, array $states): bool
  209.     {
  210.         foreach ($states as $state) {
  211.             if (\in_array($state$cacheStatestrue)) {
  212.                 return true;
  213.             }
  214.         }
  216.         return false;
  217.     }
  219.     private function buildCacheHash(SalesChannelContext $context): string
  220.     {
  221.         return md5(json_encode([
  222.             $context->getRuleIds(),
  223.             $context->getContext()->getVersionId(),
  224.             $context->getCurrency()->getId(),
  225.             $context->getCustomer() ? 'logged-in' 'not-logged-in',
  226.         ], \JSON_THROW_ON_ERROR));
  227.     }
  229.     /**
  230.      * System states can be used to stop caching routes at certain states. For example,
  231.      * the checkout routes are no longer cached if the customer has products in the cart or is logged in.
  232.      *
  233.      * @return list<string>
  234.      */
  235.     private function updateSystemState(Cart $cartSalesChannelContext $contextRequest $requestResponse $response): array
  236.     {
  237.         $states $this->getSystemStates($request$context$cart);
  239.         if (empty($states)) {
  240.             if ($request->cookies->has(self::SYSTEM_STATE_COOKIE)) {
  241.                 $response->headers->removeCookie(self::SYSTEM_STATE_COOKIE);
  242.                 $response->headers->clearCookie(self::SYSTEM_STATE_COOKIE);
  243.             }
  245.             return [];
  246.         }
  248.         $newStates implode(','$states);
  250.         if ($request->cookies->get(self::SYSTEM_STATE_COOKIE) !== $newStates) {
  251.             $cookie Cookie::create(self::SYSTEM_STATE_COOKIE$newStates);
  252.             $cookie->setSecureDefault($request->isSecure());
  254.             $response->headers->setCookie($cookie);
  255.         }
  257.         return $states;
  258.     }
  260.     /**
  261.      * @return list<string>
  262.      */
  263.     private function getSystemStates(Request $requestSalesChannelContext $contextCart $cart): array
  264.     {
  265.         $states = [];
  266.         $swStates = (string) $request->cookies->get(self::SYSTEM_STATE_COOKIE);
  267.         if ($swStates !== '') {
  268.             $states array_flip(explode(','$swStates));
  269.         }
  271.         $states $this->switchState($statesself::STATE_LOGGED_IN$context->getCustomer() !== null);
  273.         $states $this->switchState($statesself::STATE_CART_FILLED$cart->getLineItems()->count() > 0);
  275.         return array_keys($states);
  276.     }
  278.     /**
  279.      * @param array<string, int|bool> $states
  280.      *
  281.      * @return array<string, int|bool>
  282.      */
  283.     private function switchState(array $statesstring $keybool $match): array
  284.     {
  285.         if ($match) {
  286.             $states[$key] = true;
  288.             return $states;
  289.         }
  291.         unset($states[$key]);
  293.         return $states;
  294.     }
  296.     private function setCurrencyCookie(Request $requestResponse $response): void
  297.     {
  298.         $currencyId $request->get(SalesChannelContextService::CURRENCY_ID);
  300.         if (!$currencyId) {
  301.             return;
  302.         }
  304.         $cookie Cookie::create(self::CURRENCY_COOKIE$currencyId);
  305.         $cookie->setSecureDefault($request->isSecure());
  307.         $response->headers->setCookie($cookie);
  308.     }
  309. }