Merge pull request #173 from kenjis/refactor-remove-SESSION

refactor: remove $_SESSION

Author: lonnieezell

src/Authentication/Authenticators/Session.php

@@ -655,15 +655,17 @@ public function logout(): bool
 
         // Destroy the session data - but ensure a session is still
         // available for flash messages, etc.
-        if (isset($_SESSION)) {
-            foreach (array_keys($_SESSION) as $key) {
-                $_SESSION[$key] = null;
-                unset($_SESSION[$key]);
+        /** @var \CodeIgniter\Session\Session $session */
+        $session     = session();
+        $sessionData = $session->get();
+        if (isset($sessionData)) {
+            foreach (array_keys($sessionData) as $key) {
+                $session->remove($key);
             }
         }
 
         // Regenerate the session ID for a touch of added safety.
-        session()->regenerate(true);
+        $session->regenerate(true);
 
         // Take care of any remember-me functionality
         $this->rememberModel->purgeRememberTokens($this->user);

src/Entities/User.php

@@ -47,7 +47,7 @@ class User extends Entity
     /**
      * Returns the first identity of the given $type for this user.
      *
-     * @param string $type 'email_2fa'|'email_activate'|'email_password'
+     * @param string $type 'email_2fa'|'email_activate'|'email_password'|'magic-link'
      */
     public function getIdentity(string $type): ?UserIdentity
     {