Detailed Description

AuthTokenSession is a DefaultSession, but additionally requires clients to send a token in the X-Auth-Token request header (Double Submit Cookie).

The token is created, when the authenticated user is associated with the session and send to the client in a cookie named application-title-token.

Author
ingo herwig ingo@.nosp@m.wemo.nosp@m.ve.co.nosp@m.m

Definition at line 29 of file AuthTokenSession.php.

+ Inheritance diagram for AuthTokenSession:

Public Member Functions

 __construct (Configuration $configuration)
 
 setAuthUser ($login)
 
 getAuthUser ()
 
- Public Member Functions inherited from DefaultSession
 __construct (Configuration $configuration)
 
 __destruct ()
 
 getID ()
 
 get ($key, $default=null)
 
 set ($key, $value)
 
 remove ($key)
 
 exist ($key)
 
 clear ()
 
 destroy ()
 
 setAuthUser ($login)
 
 getAuthUser ()
 

Public Attributes

const TOKEN_HEADER = 'X-Auth-Token'
 
- Public Attributes inherited from DefaultSession
const AUTH_USER_NAME = 'auth_user'
 

Protected Member Functions

 isTokenValid ()
 
- Protected Member Functions inherited from DefaultSession
 getCookiePrefix ()
 

Constructor & Destructor Documentation

__construct ( Configuration  $configuration)

Constructor.

Parameters
$configuration

Definition at line 40 of file AuthTokenSession.php.

Member Function Documentation

setAuthUser (   $login)
See also
Session::setAuthUser()

Implements Session.

Definition at line 49 of file AuthTokenSession.php.

getAuthUser ( )
See also
Session::getAuthUser()

Implements Session.

Definition at line 67 of file AuthTokenSession.php.

isTokenValid ( )
protected

Check if the request contains a valid token.

Definition at line 75 of file AuthTokenSession.php.

Member Data Documentation

const TOKEN_HEADER = 'X-Auth-Token'

Definition at line 31 of file AuthTokenSession.php.