Ferreteria/v0.5/login/session: Difference between revisions
< Ferreteria | v0.5 | login
Jump to navigation
Jump to search
No edit summary |
(code file links) |
||
| Line 24: | Line 24: | ||
**** <code>{{arg|Session Feature}}->ActivateSession()</code> | **** <code>{{arg|Session Feature}}->ActivateSession()</code> | ||
***** This then basically carries out the process described above. | ***** This then basically carries out the process described above. | ||
Files: | |||
* <code>csLogin</code> is in {{l/ferreteria/code|login/status.php}} | |||
* <code>{{arg|Session Feature}}</code> is in {{l/ferreteria/code|login/session/feature.php}} | |||
Revision as of 14:11, 26 March 2022
Process
- If browser has a Session cookie:
- Search for Session matching the cookie
- If found:
- Session bookkeeping: update WhenUsed
- Account bookkeeping: update WhenUsed
- Login object bookkeeping: note session-logged-in
- Else (no matching Session)
- if Session ID matches but token is wrong:
- Event log: token mismatch (possible hacking attempt)
- Create new Session
- Send correct Session cookie to browser
- Login object bookkeeping: note not-logged-in
- if Session ID matches but token is wrong:
- Else (no Session cookie)
- Search for Session matching the browser profile
- If found:
- Generate Session cookie and send it to browser
- Login object bookkeeping: note not-logged-in
Code
Everything starts with csLogin::IsLoggedIn(), which calls...
csLogin::Validity()csLogin::Validate()<Session Feature>->MakeActiveSession()<Session Feature>->ActivateSession()- This then basically carries out the process described above.
Files:
csLoginis in login/status.php<Session Feature>is in login/session/feature.php