Update README.md

Author: byjg

README.md

@@ -65,3 +65,8 @@ session_set_save_handler($handler, true);
 $handler = new \ByJG\Session\JwtSession('your.domain.com', 'your super secret key');
 $handler->replaceSessionHandler(true);
 ```
+
+### How it works
+
+We store a cookie named AUTH_BEARER_<context name> with the session name. The PHPSESSID cookie is still created because
+PHP create it by default but we do not use it;

webtest/index.php

@@ -2,8 +2,14 @@
 
 require_once __DIR__ . "/../vendor/autoload.php";
 
-$handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890');
-$handler->replaceSessionHandler(true);
+if (!isset($_REQUEST['turnoff'])) {   // Just for turnoff the session
+    $handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890');
+    $handler->replaceSessionHandler(true);
+} else {
+    echo "<H1>JWT Session is disabled</H1>";
+}
+
+session_start();
 
 ?>
 
@@ -25,5 +31,7 @@
         <li><a href="setsession.php">Set a session</a></li>
         <li><a href="unsetsession.php">Unset a session</a></li>
         <li><a href="destroy.php">Destroy all session</a></li>
+        <li><a href="index.php">Refresh Page</a></li>
+        <li><a href="index.php?turnoff=true">Turnoff JwtSession</a></li>
     </ul>
 </div>