summon
Resource description: secure minimal php "remember me" methodology
# Summon
Simply and securely handle your user sessions 

[![Latest Stable Version](https://poser.pugx.org/acidjazz/summon/v/stable.svg)](https://packagist.org/packages/acidjazz/summon)
[![Total Downloads](https://poser.pugx.org/acidjazz/summon/downloads.svg)](https://packagist.org/packages/acidjazz/summon)
[![Latest Unstable Version](https://poser.pugx.org/acidjazz/summon/v/unstable.svg)](https://packagist.org/packages/acidjazz/summon)
[![License](https://poser.pugx.org/acidjazz/summon/license.svg)](https://packagist.org/packages/acidjazz/summon)
[![Gitter](https://img.shields.io/badge/GITTER-join%20chat-green.svg)](https://gitter.im/acidjazz/summon?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)


### what is this 
this is just a simple secure way to set cookies and revive expired sessions for as long as you want.  it also allows you to view and control all logged in sessions of a user and where they are coming from.

### how it works
* sets a cookie of an encoded string of some data when the user logs in.
* stores the session hash in the user model so the cookie can be verified at the DB level
* upon our normal session expiring, allows you to re-login the user

### features
* multiple browser/client support
  * monitor and control multiple sessions
* multiple level verification
  * verify cookie expiration
  * verify browser agent (optional)
  * store/verify our hash at the DB level
* non-expensive DB lookup
  * store an indexable identifier to avoid an expensive user lookup
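
The flow described under "how it works" and "features", as an added sketch that is not Summon's own code. The function names, payload fields, the HMAC-signed cookie format and the sample values are all assumptions made for illustration.

```php
<?php
// Added illustration, not Summon's source. Every name below is hypothetical.
const DEMO_SECRET = 'constructed-demo-secret'; // plays the role of SUMMON_SECRET

// Build the cookie value and the hash => string entry to store on the user model.
function demo_issue(string $userId, string $agent, int $ttl, int $now): array {
    $hash = bin2hex(random_bytes(16));        // per-session key kept at the DB level
    $payload = base64_encode(json_encode([
        'user_id' => $userId,                 // indexable identifier for a cheap lookup
        'hash'    => $hash,
        'expires' => $now + $ttl,
        'agent'   => hash('sha256', $agent),
    ]));
    $mac = hash_hmac('sha256', $payload, DEMO_SECRET);
    return ['cookie' => $payload . '.' . $mac, 'hash' => $hash, 'entry' => $agent];
}

// Return the decoded payload, or null as soon as one verification level fails.
function demo_check(string $cookie, string $agent, array $sessions, int $now): ?array {
    $parts = explode('.', $cookie);
    if (count($parts) !== 2) return null;
    [$payload, $mac] = $parts;
    // Level 0: integrity, compared in constant time before anything is decoded.
    if (!hash_equals(hash_hmac('sha256', $payload, DEMO_SECRET), $mac)) return null;
    $data = json_decode((string) base64_decode($payload, true), true);
    if (!is_array($data)) return null;
    // Level 1: cookie expiration.
    if (($data['expires'] ?? 0) < $now) return null;
    // Level 2: browser agent (optional in the README, always enforced here).
    if (!hash_equals(hash('sha256', $agent), (string) ($data['agent'] ?? ''))) return null;
    // Level 3: the hash must still exist on the user model, so removing it revokes the cookie.
    if (!isset($sessions[(string) ($data['hash'] ?? '')])) return null;
    return $data;
}

// Constructed demo run: one valid check, then three that must fail.
$now = 1700000000;
$s = demo_issue('u42', 'DemoBrowser/1.0', 3600, $now);
$sessions = [$s['hash'] => $s['entry']];
foreach ([
    'valid'    => [$s['cookie'], $sessions, $now + 60],
    'tampered' => [$s['cookie'] . '0', $sessions, $now + 60],
    'expired'  => [$s['cookie'], $sessions, $now + 7200],
    'revoked'  => [$s['cookie'], [], $now + 60],
] as $label => [$cookie, $store, $at]) {
    $ok = demo_check($cookie, 'DemoBrowser/1.0', $store, $at) !== null;
    echo $label, ': ', $ok ? 'accepted' : 'rejected', PHP_EOL;
}
```

Because the last check reads the server-side map, deleting a hash from the user model invalidates that one cookie without touching the user's other sessions.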

### examples

Log a user in, assuming `$user` is some sort of user model:

```php
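<?php
// Create the cookie and get back the updated hash => string map for this user.
$results = Summon\Summon::set($user->id(true), $user->sessions);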
$user->sessions = $results['sessions'];
$user->save();
```

Check if a user is logged in:

```php
exists() && isset($user->sessions[$data['hash']])) {
      return $user;
    }

  }

  return false;

}
```

Remove a session (log out a user):

```php
<?php
// Drop the current session from the stored map, then persist the user model.
$user->summon = Summon\Summon::remove($user->summon);
$user->save();
```


### installation
1. modify your user table/collection to allow a small object of hash=>string
2. store the results of summon::set() in your user model (check login.php)
3. add code to verify expired sessions w/ a potential re-login (check check.php)
4. add code at your logout area to remove expired hash=>strings from your user model (check logout.php)
5. add a define "SUMMON_SECRET" with the value of a unique hash/string and keep it safe


### TODO
* remove expired/invalid summons upon check
* dynamic timeouts based on agent/etc., for reasons like tablets/phones to have a shorter expiration
* support for more parameters for the payload for db/index purposes

### why?
I've spent hours googling this methodology enough to predict something like this needs to exist.  Please if you have any comments/ideas/features let me know or even better fork this and submit pull requests.
