mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-07 08:36:28 +02:00
Code Issues Releases Wiki Activity

Only configure and start session if not already started

Browse Source
This commit is contained in:
Marco
2018-03-12 22:29:56 +01:00
parent 8f35cc9965
commit d930a770de
1 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Auth.php
View File

@@ -48,7 +48,7 @@ final class Auth extends UserManager {
$this->sessionResyncInterval = isset($sessionResyncInterval) ? ((int) $sessionResyncInterval) : (60 * 5); $this->sessionResyncInterval = isset($sessionResyncInterval) ? ((int) $sessionResyncInterval) : (60 * 5);
$this->rememberCookieName = self::createRememberCookieName(); $this->rememberCookieName = self::createRememberCookieName();
$this->initSession(); $this->initSessionIfNecessary();
$this->enhanceHttpSecurity(); $this->enhanceHttpSecurity();
$this->processRememberDirective(); $this->processRememberDirective();
@@ -56,7 +56,8 @@ final class Auth extends UserManager {
} }
/** Initializes the session and sets the correct configuration */ /** Initializes the session and sets the correct configuration */
private function initSession() { private function initSessionIfNecessary() {
if (\session_status() === \PHP_SESSION_NONE) {
// use cookies to store session IDs // use cookies to store session IDs
\ini_set('session.use_cookies', 1); \ini_set('session.use_cookies', 1);
// use cookies only (do not send session IDs in URLs) // use cookies only (do not send session IDs in URLs)
@@ -67,6 +68,7 @@ final class Auth extends UserManager {
// start the session (requests a cookie to be written on the client) // start the session (requests a cookie to be written on the client)
@Session::start(); @Session::start();
} }
}
/** Improves the application's security over HTTP(S) by setting specific headers */ /** Improves the application's security over HTTP(S) by setting specific headers */
private function enhanceHttpSecurity() { private function enhanceHttpSecurity() {