Ferreteria/v0.5/login/session: Difference between revisions
< Ferreteria | v0.5 | login
Jump to navigation
Jump to search
(code file links) |
No edit summary |
||
| Line 25: | Line 25: | ||
***** This then basically carries out the process described above. | ***** This then basically carries out the process described above. | ||
Files: | '''Files''': | ||
* <code>csLogin</code> is in {{l/ferreteria/code|login/status.php}} | * <code>csLogin</code> is in {{l/ferreteria/code|login/status.php}} | ||
* <code>{{arg|Session Feature}}</code> is in {{l/ferreteria/code|login/session/feature.php}} | * <code>{{arg|Session Feature}}</code> is in {{l/ferreteria/code|login/session/feature.php}} | ||
'''SQL''': {{l/ver|SQL/user session}} | |||
Revision as of 17:58, 27 March 2022
Process
- If browser has a Session cookie:
- Search for Session matching the cookie
- If found:
- Session bookkeeping: update WhenUsed
- Account bookkeeping: update WhenUsed
- Login object bookkeeping: note session-logged-in
- Else (no matching Session)
- if Session ID matches but token is wrong:
- Event log: token mismatch (possible hacking attempt)
- Create new Session
- Send correct Session cookie to browser
- Login object bookkeeping: note not-logged-in
- if Session ID matches but token is wrong:
- Else (no Session cookie)
- Search for Session matching the browser profile
- If found:
- Generate Session cookie and send it to browser
- Login object bookkeeping: note not-logged-in
Code
Everything starts with csLogin::IsLoggedIn(), which calls...
csLogin::Validity()csLogin::Validate()<Session Feature>->MakeActiveSession()<Session Feature>->ActivateSession()- This then basically carries out the process described above.
Files:
csLoginis in login/status.php<Session Feature>is in login/session/feature.php
SQL: SQL/user session