Ferreteria/v0.5/login/logout

From Woozle Writes Code

< Ferreteria‎ | v0.5‎ | login

Jump to navigation Jump to search

Process

Check login object: are we currently logged in?
If yes:
- Login object bookkeeping: note logged-out
- Event log: user logged out
Else (not logged in):
- Event log: redundant logout

Code notes

Logged-in sessions come in two flavors -- login and reauth.

1. Login is right after the user has submitted user/pw creds. If successful, the user's browser is given a session-cookie to use and is then immediately redirected (to clear out the POST input, thus preventing accidental multiple logins) and we go to phase 2.
2. Reauth is when we need to check the user's session-cookie before we can know whether they're logged in or not. This represents the majority of logged-in sessions.

In-memory login state is stored in the static csLogin class (login/status.php).

Retrieved from "https://wooz.dev/mw/index.php?title=Ferreteria/v0.5/login/logout&oldid=2475"