Ferreteria/v0.5/login/session

From Woozle Writes Code

< Ferreteria‎ | v0.5‎ | login

Revision as of 15:37, 24 March 2022 by htyp>Woozle (Created page with "==Process== * If browser has a Session cookie: ** Search for Session matching the cookie ** If found: *** '''Session bookkeeping''': update WhenUsed *** '''Account bookkeeping...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Process

If browser has a Session cookie:
- Search for Session matching the cookie
- If found:
  - Session bookkeeping: update WhenUsed
  - Account bookkeeping: update WhenUsed
  - Login object bookkeeping: note session-logged-in
- Else (no matching Session)
  - if Session ID matches but token is wrong:
    - Event log: token mismatch (possible hacking attempt)
  - Create new Session
  - Send correct Session cookie to browser
  - Login object bookkeeping: note not-logged-in
Else (no Session cookie)
- Search for Session matching the browser profile
- If found:
  - Generate Session cookie and send it to browser
  - Login object bookkeeping: note not-logged-in

Code

authenticating session

<Session Feature>->UserIsLoggedIn()

→ NativeRow()->UserIsLoggedIn()

reading login status

Example: see code in cMenuLink->FigureIfAuthorized() in tree/items/MenuLink.php

This is called once per object from ftRequiresPermit->OnRunCalculations() in tree/items/traits.php.

Retrieved from "https://wooz.dev/mw/index.php?title=Ferreteria/v0.5/login/session&oldid=2476"