Merge pull request #1 from byjg/1.0

byjg · web-flow · commit aeec8b4d4c67 · 2017-05-27T18:39:53.000-03:00
1.0
diff --git a/README.md b/README.md
@@ -67,3 +67,8 @@ session_set_save_handler($handler, true);
 $handler = new \ByJG\Session\JwtSession('your.domain.com', 'your super secret key');
 $handler->replaceSessionHandler(true);
 ```
+
+### How it works
+
+We store a cookie named AUTH_BEARER_<context name> with the session name. The PHPSESSID cookie is still created because
+PHP create it by default but we do not use it;
diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "byjg/jwt-session",
-    "description": "Use JWT Token as a PHP Session",
+    "description": "JwtSession is a PHP session replacement. Instead of use FileSystem, just use JWT TOKEN. The implementation following the SessionHandlerInterface.",
     "authors": [
         {
             "name": "João Gilberto Magalhães",
diff --git a/src/JwtSession.php b/src/JwtSession.php
@@ -79,7 +79,10 @@ public function close()
      */
     public function destroy($session_id)
     {
-        setcookie(self::COOKIE_PREFIX . $this->suffix, null);
+        if (!headers_sent()) {
+            setcookie(self::COOKIE_PREFIX . $this->suffix, null);
+        }
+
         return true;
     }
 
@@ -170,7 +173,9 @@ public function write($session_id, $session_data)
         $data = $jwt->createJwtData($this->unSerializeSessionData($session_data), $this->timeOutMinutes * 60);
         $token = $jwt->generateToken($data);
 
-        setcookie(self::COOKIE_PREFIX . $this->suffix, $token);
+        if (!headers_sent()) {
+            setcookie(self::COOKIE_PREFIX . $this->suffix, $token);
+        }
 
         return true;
     }
diff --git a/webtest/index.php b/webtest/index.php
@@ -2,8 +2,14 @@
 
 require_once __DIR__ . "/../vendor/autoload.php";
 
-$handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890');
-$handler->replaceSessionHandler(true);
+if (!isset($_REQUEST['turnoff'])) {   // Just for turnoff the session
+    $handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890');
+    $handler->replaceSessionHandler(true);
+} else {
+    echo "<H1>JWT Session is disabled</H1>";
+}
+
+session_start();
 
 ?>
 
@@ -25,5 +31,7 @@
         <li><a href="setsession.php">Set a session</a></li>
         <li><a href="unsetsession.php">Unset a session</a></li>
         <li><a href="destroy.php">Destroy all session</a></li>
+        <li><a href="index.php">Refresh Page</a></li>
+        <li><a href="index.php?turnoff=true">Turnoff JwtSession</a></li>
     </ul>
 </div>

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "byjg/jwt-session",`
`3`		`- "description": "Use JWT Token as a PHP Session",`
	`3`	`+ "description": "JwtSession is a PHP session replacement. Instead of use FileSystem, just use JWT TOKEN. The implementation following the SessionHandlerInterface.",`
`4`	`4`	`"authors": [`
`5`	`5`	`{`
`6`	`6`	`"name": "João Gilberto Magalhães",`
Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,10 @@ public function close()`
`79`	`79`	`*/`
`80`	`80`	`public function destroy($session_id)`
`81`	`81`	`{`
`82`		`- setcookie(self::COOKIE_PREFIX . $this->suffix, null);`
	`82`	`+ if (!headers_sent()) {`
	`83`	`+ setcookie(self::COOKIE_PREFIX . $this->suffix, null);`
	`84`	`+ }`
	`85`	`+`
`83`	`86`	`return true;`
`84`	`87`	`}`
`85`	`88`
`@@ -170,7 +173,9 @@ public function write($session_id, $session_data)`
`170`	`173`	`$data = $jwt->createJwtData($this->unSerializeSessionData($session_data), $this->timeOutMinutes * 60);`
`171`	`174`	`$token = $jwt->generateToken($data);`
`172`	`175`
`173`		`- setcookie(self::COOKIE_PREFIX . $this->suffix, $token);`
	`176`	`+ if (!headers_sent()) {`
	`177`	`+ setcookie(self::COOKIE_PREFIX . $this->suffix, $token);`
	`178`	`+ }`
`174`	`179`
`175`	`180`	`return true;`
`176`	`181`	`}`