Session

Session based authentication adapter

This authentication adapter uses the session cache to store the user identity and token.

Configuration Directives

autologin.period - default: 1

This is the period in which the autologin cookie will remain active (ie: will expire after this many days). The default is one day.

autologin.hash - default: md5

This is the hash algorithm used to encrypt the token placed in the cookie in the user's browser session. This data is hashed to ensure that it can not be manipulated by the user.

token.hash - default: md5

The token hash is the value stored in the session cache and is used to confirm that a user account is authenticated. As an added security measure we apply a hash to this value so that plain test passwords will never be stored in the session cache, even if there is no password encryption chain.

timeout - default: 3600

For a standard login, this is the session expirey timeout. Basically this is the maximum time in which a session will ever be active. If autologin is being used, then it is quite common to set this to a low value to allow the user to be re-authenticated with the autologin token periodically.

Properties

sessionKey

private string $sessionKey

session

private array $session

Methods

__construct

public  __construct({Array})

Parameters

Parameter	Type	Description
$config	Map

isEmpty

public  isEmpty({Array})

read

public  read({Array})

write

public  write({Array})

Parameters

Parameter	Type	Description
$data	array

has

public  has({Array})

Parameters

Parameter	Type	Description
$key	string

get

public  get({Array})

Parameters

Parameter	Type	Description
$key	string

set

public  set({Array})

Parameters

Parameter	Type	Description
$key	string
$value	mixed

public  ({Array})

Parameters

Parameter	Type	Description
$key	string

clear

public  clear({Array})

getToken

public  getToken({Array})

---

Generated by Hazaar API Doc Generator