Merge pull request #1 from byjg/1.0

1.0
byjg · May 27, 2017 · aeec8b4 · aeec8b4
2 parents e5d624d + c4167c6
commit aeec8b4
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -67,3 +67,8 @@ session_set_save_handler($handler, true);
 $handler = new \ByJG\Session\JwtSession('your.domain.com', 'your super secret key');
 $handler->replaceSessionHandler(true);
 ```
+
+### How it works
+
+We store a cookie named AUTH_BEARER_<context name> with the session name. The PHPSESSID cookie is still created because
+PHP create it by default but we do not use it;
diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "byjg/jwt-session",
-    "description": "Use JWT Token as a PHP Session",
+    "description": "JwtSession is a PHP session replacement. Instead of use FileSystem, just use JWT TOKEN. The implementation following the SessionHandlerInterface.",
     "authors": [
         {
             "name": "João Gilberto Magalhães",

diff --git a/src/JwtSession.php b/src/JwtSession.php
@@ -79,7 +79,10 @@ public function close()
      */
     public function destroy($session_id)
     {
-        setcookie(self::COOKIE_PREFIX . $this->suffix, null);
+        if (!headers_sent()) {
+            setcookie(self::COOKIE_PREFIX . $this->suffix, null);
+        }
+
         return true;
     }
 
@@ -170,7 +173,9 @@ public function write($session_id, $session_data)
         $data = $jwt->createJwtData($this->unSerializeSessionData($session_data), $this->timeOutMinutes * 60);
         $token = $jwt->generateToken($data);
 
-        setcookie(self::COOKIE_PREFIX . $this->suffix, $token);
+        if (!headers_sent()) {
+            setcookie(self::COOKIE_PREFIX . $this->suffix, $token);
+        }
 
         return true;
     }

diff --git a/webtest/index.php b/webtest/index.php
@@ -2,8 +2,14 @@
 
 require_once __DIR__ . "/../vendor/autoload.php";
 
-$handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890');
-$handler->replaceSessionHandler(true);
+if (!isset($_REQUEST['turnoff'])) {   // Just for turnoff the session
+    $handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890');
+    $handler->replaceSessionHandler(true);
+} else {
+    echo "<H1>JWT Session is disabled</H1>";
+}
+
+session_start();
 
 ?>
 
@@ -25,5 +31,7 @@
         <li><a href="setsession.php">Set a session</a></li>
         <li><a href="unsetsession.php">Unset a session</a></li>
         <li><a href="destroy.php">Destroy all session</a></li>
+        <li><a href="index.php">Refresh Page</a></li>
+        <li><a href="index.php?turnoff=true">Turnoff JwtSession</a></li>
     </ul>
 </div>