add HOOK_VALIDATE_SESSION

3 files changed, 25 insertions, 0 deletions

diff --git a/classes/Plugin.php b/classes/Plugin.php
index d941a1616..cc50ae75e 100644
--- a/classes/Plugin.php
+++ b/classes/Plugin.php
@@ -706,4 +706,11 @@ abstract class Plugin {
 	function hook_loginform_additional_buttons() {
 		user_error("Dummy method invoked.", E_USER_ERROR);
 	}
+
+	/** Returns false if session is considered invalid, true cascades to next handler */
+	function hook_validate_session(): bool {
+		user_error("Dummy method invoked.", E_USER_ERROR);
+		return false;
+	}
+
 }
diff --git a/classes/PluginHost.php b/classes/PluginHost.php
index c2d0407d4..e39273672 100644
--- a/classes/PluginHost.php
+++ b/classes/PluginHost.php
@@ -199,6 +199,9 @@ class PluginHost {
 	/** @see Plugin::hook_loginform_additional_buttons() */
 	const HOOK_LOGINFORM_ADDITIONAL_BUTTONS = "hook_loginform_additional_buttons";
 
+	/** @see Plugin::hook_validate_session() */
+	const HOOK_VALIDATE_SESSION = "hook_validate_session";
+
 	const KIND_ALL = 1;
 	const KIND_SYSTEM = 2;
 	const KIND_USER = 3;
diff --git a/include/sessions.php b/include/sessions.php
index 605ca9325..c863a4f2c 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -49,6 +49,21 @@
 					$_SESSION["login_error_msg"] = __("Session failed to validate (account is disabled)");
 					return false;
 				}
+
+				// default to true because there might not be any hooks and this is our last check
+				$hook_result = true;
+
+				\PluginHost::getInstance()->chain_hooks_callback(\PluginHost::HOOK_VALIDATE_SESSION,
+					function ($result) use (&$hook_result) {
+						$hook_result = $result;
+
+						if (!$result) {
+							return true;
+						}
+					});
+
+				return $hook_result;
+
 			} else {
 				$_SESSION["login_error_msg"] = __("Session failed to validate (user not found)");
 				return false;