mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-08 09:06:29 +02:00
Code Issues Releases Wiki Activity

Compare commits

base: mirror:v7.5.0
Branches Tags
mirror:master
mirror:v9.0.0 mirror:v8.3.0 mirror:v8.2.2 mirror:v8.2.1 mirror:v8.2.0 mirror:v8.1.0 mirror:v8.0.2 mirror:v8.0.1 mirror:v8.0.0 mirror:v7.6.0 mirror:v7.5.2 mirror:v7.5.1 mirror:v7.5.0 mirror:v7.4.0 mirror:v7.3.0 mirror:v7.2.0 mirror:v7.1.0 mirror:v7.0.0 mirror:v6.1.1 mirror:v6.1.0 mirror:v6.0.0 mirror:v5.2.0 mirror:v5.1.1 mirror:v5.1.0 mirror:v5.0.1 mirror:v5.0.0 mirror:v4.3.0 mirror:v4.2.0 mirror:v4.1.1 mirror:v4.1.0 mirror:v4.0.1 mirror:v4.0.0 mirror:v3.1.0 mirror:v3.0.0 mirror:v2.1.0 mirror:v2.0.1 mirror:v2.0.0 mirror:v1.1.0 mirror:v1.0.0
..
compare: mirror:v7.5.1
Branches Tags
mirror:master
mirror:v9.0.0 mirror:v8.3.0 mirror:v8.2.2 mirror:v8.2.1 mirror:v8.2.0 mirror:v8.1.0 mirror:v8.0.2 mirror:v8.0.1 mirror:v8.0.0 mirror:v7.6.0 mirror:v7.5.2 mirror:v7.5.1 mirror:v7.5.0 mirror:v7.4.0 mirror:v7.3.0 mirror:v7.2.0 mirror:v7.1.0 mirror:v7.0.0 mirror:v6.1.1 mirror:v6.1.0 mirror:v6.0.0 mirror:v5.2.0 mirror:v5.1.1 mirror:v5.1.0 mirror:v5.0.1 mirror:v5.0.0 mirror:v4.3.0 mirror:v4.2.0 mirror:v4.1.1 mirror:v4.1.0 mirror:v4.0.1 mirror:v4.0.0 mirror:v3.1.0 mirror:v3.0.0 mirror:v2.1.0 mirror:v2.0.1 mirror:v2.0.0 mirror:v1.1.0 mirror:v1.0.0

2 Commits
v7.5.0 ... v7.5.1

Author SHA1 Message Date
Marco
e7e174b05d Only configure and start session if not already started 2018-03-12 22:29:56 +01:00
Marco
8f35cc9965 Optimize spacing in PostgreSQL schema 2018-03-12 18:44:32 +01:00
2 changed files with 12 additions and 15 deletions
Expand all files Collapse all files

5
Database/PostgreSQL.sql
View File

@@ -25,9 +25,7 @@ CREATE TABLE IF NOT EXISTS "users_confirmations" (
"token" VARCHAR(255) NOT NULL,
"expires" INTEGER NOT NULL CHECK ("expires" >= 0)
);
CREATE INDEX IF NOT EXISTS "email_expires" ON "users_confirmations" ("email", "expires");
CREATE INDEX IF NOT EXISTS "user_id" ON "users_confirmations" ("user_id");
CREATE TABLE IF NOT EXISTS "users_remembered" (
@@ -37,7 +35,6 @@ CREATE TABLE IF NOT EXISTS "users_remembered" (
"token" VARCHAR(255) NOT NULL,
"expires" INTEGER NOT NULL CHECK ("expires" >= 0)
);
CREATE INDEX IF NOT EXISTS "user" ON "users_remembered" ("user");
CREATE TABLE IF NOT EXISTS "users_resets" (
@@ -47,7 +44,6 @@ CREATE TABLE IF NOT EXISTS "users_resets" (
"token" VARCHAR(255) NOT NULL,
"expires" INTEGER NOT NULL CHECK ("expires" >= 0)
);
CREATE INDEX IF NOT EXISTS "user_expires" ON "users_resets" ("user", "expires");
CREATE TABLE IF NOT EXISTS "users_throttling" (
@@ -56,7 +52,6 @@ CREATE TABLE IF NOT EXISTS "users_throttling" (
"replenished_at" INTEGER NOT NULL CHECK ("replenished_at" >= 0),
"expires_at" INTEGER NOT NULL CHECK ("expires_at" >= 0)
);
CREATE INDEX IF NOT EXISTS "expires_at" ON "users_throttling" ("expires_at");
COMMIT;

6
src/Auth.php
View File

@@ -48,7 +48,7 @@ final class Auth extends UserManager {
$this->sessionResyncInterval = isset($sessionResyncInterval) ? ((int) $sessionResyncInterval) : (60 * 5);
$this->rememberCookieName = self::createRememberCookieName();
$this->initSession();
$this->initSessionIfNecessary();
$this->enhanceHttpSecurity();
$this->processRememberDirective();
@@ -56,7 +56,8 @@ final class Auth extends UserManager {
}
/** Initializes the session and sets the correct configuration */
private function initSession() {
private function initSessionIfNecessary() {
if (\session_status() === \PHP_SESSION_NONE) {
// use cookies to store session IDs
\ini_set('session.use_cookies', 1);
// use cookies only (do not send session IDs in URLs)
@@ -67,6 +68,7 @@ final class Auth extends UserManager {
// start the session (requests a cookie to be written on the client)
@Session::start();
}
}
/** Improves the application's security over HTTP(S) by setting specific headers */
private function enhanceHttpSecurity() {