Ferreteria/v0.5/login/session: Difference between revisions
< Ferreteria | v0.5 | login
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 23: | Line 23: | ||
*** <code>{{arg|Session Feature}}->MakeActiveSession()</code> | *** <code>{{arg|Session Feature}}->MakeActiveSession()</code> | ||
**** <code>{{arg|Session Feature}}->ActivateSession()</code> | **** <code>{{arg|Session Feature}}->ActivateSession()</code> | ||
***** This then basically carries out the process described above. | |||
Revision as of 16:16, 24 March 2022
Process
- If browser has a Session cookie:
- Search for Session matching the cookie
- If found:
- Session bookkeeping: update WhenUsed
- Account bookkeeping: update WhenUsed
- Login object bookkeeping: note session-logged-in
- Else (no matching Session)
- if Session ID matches but token is wrong:
- Event log: token mismatch (possible hacking attempt)
- Create new Session
- Send correct Session cookie to browser
- Login object bookkeeping: note not-logged-in
- if Session ID matches but token is wrong:
- Else (no Session cookie)
- Search for Session matching the browser profile
- If found:
- Generate Session cookie and send it to browser
- Login object bookkeeping: note not-logged-in
Code
Everything starts with csLogin::IsLoggedIn(), which calls...
csLogin::Validity()csLogin::Validate()<Session Feature>->MakeActiveSession()<Session Feature>->ActivateSession()- This then basically carries out the process described above.