Ferreteria/v0.5/login/logout: Difference between revisions
Latest revision as of 16:44, 22 May 2022
Process
- Check login object: are we currently logged in?
- If yes:
  - Login object bookkeeping: note logged-out
  - Event log: user logged out
- Else (not logged in):
  - Event log: redundant logout
Code notes
Logged-in sessions come in two flavors -- login and reauth.
1. Login is right after the user has submitted username/password credentials. If successful, the user's browser is given a session-cookie to use and is then immediately redirected (to clear out the POST input, thus preventing accidental multiple logins) and we go to phase 2.
2. Reauth is when we need to check the user's session-cookie before we can know whether they're logged in or not. This represents the majority of logged-in sessions.
In-memory login state is stored in the static csLogin class (login/status.php).
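
The logout process above, run after a reauth from a session-cookie, as a minimal PHP sketch. This is an added example, not Ferreteria's own code: `DemoLoginState`, `logout()`, the `$sessions` table and the token value are hypothetical or constructed, and dropping the server-side session record as part of the bookkeeping is an assumption the page does not state.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for in-memory login state; this is NOT the csLogin API.
final class DemoLoginState {
    private static ?string $user = null;   // null means "not logged in"
    private static ?string $token = null;  // session-cookie value for this login

    public static function set(string $user, string $token): void {
        self::$user = $user;
        self::$token = $token;
    }
    public static function isLoggedIn(): bool { return self::$user !== null; }
    public static function user(): ?string { return self::$user; }
    public static function token(): ?string { return self::$token; }
    public static function noteLoggedOut(): void {
        self::$user = null;
        self::$token = null;
    }
}

// Follows the Process list: one branch per login state, one event per call.
function logout(array &$sessions, array &$eventLog): string {
    if (DemoLoginState::isLoggedIn()) {
        $user = DemoLoginState::user();
        // Assumption: bookkeeping also deletes the server-side record, so a
        // copied cookie value no longer passes reauth after logout.
        unset($sessions[DemoLoginState::token()]);
        DemoLoginState::noteLoggedOut();
        $eventLog[] = "user logged out: $user";
        return 'logged-out';
    }
    $eventLog[] = 'redundant logout';
    return 'redundant';
}

// Constructed sample data: server-side session table (token => user).
$sessions = ['tok-constructed-1' => 'alice'];
$eventLog = [];

// Reauth (phase 2): the cookie value is checked before login state is known.
$cookie = 'tok-constructed-1';
if (isset($sessions[$cookie])) {
    DemoLoginState::set($sessions[$cookie], $cookie);
}

echo logout($sessions, $eventLog), "\n";  // first request: logged-in branch
echo logout($sessions, $eventLog), "\n";  // repeated request: redundant branch
echo isset($sessions[$cookie]) ? "cookie still valid\n" : "cookie rejected on reauth\n";
print_r($eventLog);
```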