From d0da8d04c5bf3160de0bdf8e82b585de7215e06d Mon Sep 17 00:00:00 2001 From: Joao Gilberto Magalhaes Date: Tue, 28 Mar 2017 11:50:51 -0300 Subject: [PATCH 1/5] Fix error - header already sent --- src/JwtSession.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/JwtSession.php b/src/JwtSession.php index f371f9c..05be3cf 100644 --- a/src/JwtSession.php +++ b/src/JwtSession.php @@ -79,6 +79,10 @@ public function close() */ public function destroy($session_id) { + if (headers_sent()) { + return false; + } + setcookie(self::COOKIE_PREFIX . $this->suffix, null); return true; } @@ -170,8 +174,11 @@ public function write($session_id, $session_data) $data = $jwt->createJwtData($this->unSerializeSessionData($session_data), $this->timeOutMinutes * 60); $token = $jwt->generateToken($data); - setcookie(self::COOKIE_PREFIX . $this->suffix, $token); + if (headers_sent()) { + return false; + } + setcookie(self::COOKIE_PREFIX . $this->suffix, $token); return true; } From 43764e0337cfc3991d735717449e52d1347c86bb Mon Sep 17 00:00:00 2001 From: Joao Gilberto Magalhaes Date: Tue, 28 Mar 2017 11:56:42 -0300 Subject: [PATCH 2/5] Fix error - header already sent (2) --- src/JwtSession.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/src/JwtSession.php b/src/JwtSession.php index 05be3cf..2685844 100644 --- a/src/JwtSession.php +++ b/src/JwtSession.php @@ -80,10 +80,9 @@ public function close() public function destroy($session_id) { if (headers_sent()) { - return false; + setcookie(self::COOKIE_PREFIX . $this->suffix, null); } - setcookie(self::COOKIE_PREFIX . $this->suffix, null); return true; } 
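Review bot: In patch 1/5, the `setcookie()` call in write() still issues the JWT with no attributes, so the session token is readable from page script and is also sent over plain HTTP. Since this cookie carries the whole session, it should at least be HttpOnly and, on HTTPS deployments, Secure: `setcookie(self::COOKIE_PREFIX . $this->suffix, $token, 0, '/', '', $secure, true);`, where `$secure` is a placeholder (not a name from this file) for a value derived from the request scheme or a constructor option. The clearing call in destroy() then has to pass the same path and domain, otherwise the browser keeps the original cookie. write() begins above this hunk, so the rest of its body is not visible here.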
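Review bot: In patch 2/5, the guard in destroy() is inverted: `if (headers_sent()) {` attempts `setcookie()` only when it can no longer work and skips it when it could, so at this revision destroying a session never clears the token cookie. It should read `if (!headers_sent()) {`, matching the write() hunk of the same patch. Patch 3/5 makes that correction; squashing the two would leave no revision in the series with a non-functional logout.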
@@ -174,11 +173,10 @@ public function write($session_id, $session_data) $data = $jwt->createJwtData($this->unSerializeSessionData($session_data), $this->timeOutMinutes * 60); $token = $jwt->generateToken($data); - if (headers_sent()) { - return false; + if (!headers_sent()) { + setcookie(self::COOKIE_PREFIX . $this->suffix, $token); } - setcookie(self::COOKIE_PREFIX . $this->suffix, $token); return true; } From de265199b9f0eb65a9c6423132f14985e2d9d729 Mon Sep 17 00:00:00 2001 From: Joao Gilberto Magalhaes Date: Tue, 28 Mar 2017 13:26:39 -0300 Subject: [PATCH 3/5] Fix error - header already sent (2) --- src/JwtSession.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/JwtSession.php b/src/JwtSession.php index 2685844..1ed685a 100644 --- a/src/JwtSession.php +++ b/src/JwtSession.php @@ -79,7 +79,7 @@ public function close() */ public function destroy($session_id) { - if (headers_sent()) { + if (!headers_sent()) { setcookie(self::COOKIE_PREFIX . $this->suffix, null); } From d389e62de123dd9c0f25739d67d018df736efcee Mon Sep 17 00:00:00 2001 From: Joao Gilberto Magalhaes Date: Sat, 27 May 2017 18:19:06 -0300 Subject: [PATCH 4/5] Update composer.json --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 801ff9a..0e23718 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,6 @@ { "name": "byjg/jwt-session", - "description": "Use JWT Token as a PHP Session", + "description": "JwtSession is a PHP session replacement. Instead of use FileSystem, just use JWT TOKEN. The implementation following the SessionHandlerInterface.", "authors": [ { "name": "João Gilberto Magalhães", From c4167c6984bb216dfb7bbfda6fa03bfcd7e78078 Mon Sep 17 00:00:00 2001 From: Joao Gilberto Magalhaes Date: Sat, 27 May 2017 18:38:03 -0300 Subject: [PATCH 5/5] Update README.md --- README.md | 5 +++++ webtest/index.php | 12 ++++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) 
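Review bot: In patch 2/5, write() now returns `true` when `headers_sent()` is true, so PHP is told the session was saved although no cookie was emitted and the change is lost without a trace. destroy() has the same shape once 3/5 is applied, and there the effect is that a logout reports success while the browser keeps the JWT cookie. Either keep the `return false;` from 1/5 on that path, or record it before returning, e.g. `error_log('JwtSession: headers already sent, session cookie not updated');`. Both functions start outside their hunks.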
diff --git a/README.md b/README.md index d9f76f5..b6a45bc 100644 --- a/README.md +++ b/README.md @@ -65,3 +65,8 @@ session_set_save_handler($handler, true); $handler = new \ByJG\Session\JwtSession('your.domain.com', 'your super secret key'); $handler->replaceSessionHandler(true); ``` + +### How it works + +We store a cookie named AUTH_BEARER_ with the session name. The PHPSESSID cookie is still created because +PHP create it by default but we do not use it; \ No newline at end of file diff --git a/webtest/index.php b/webtest/index.php index c2378af..1f82884 100644 --- a/webtest/index.php +++ b/webtest/index.php @@ -2,8 +2,14 @@ require_once __DIR__ . "/../vendor/autoload.php"; -$handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890'); -$handler->replaceSessionHandler(true); +if (!isset($_REQUEST['turnoff'])) { // Just for turnoff the session + $handler = new \ByJG\Session\JwtSession('api.com.br', '1234567890'); + $handler->replaceSessionHandler(true); +} else { + echo "

JWT Session is disabled

"; +} + +session_start(); ?> @@ -25,5 +31,7 @@
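Review bot: In the first webtest/index.php hunk, the `else` branch echoes the "JWT Session is disabled" banner before `session_start()` runs, so with `turnoff` set the native handler can no longer send its session cookie unless output buffering is enabled. That is the same "headers already sent" condition this series works around. Defer the echo until after `session_start();`, for example by setting a flag in the branch and printing the banner further down the page. A comment such as `// demo only: sample signing key and request-controlled toggle, do not deploy` above the handler setup would also help, since `'1234567890'` is a throwaway key. The markup on this page appears stripped, so the exact echoed string is not visible.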
  • Set a session
  • Unset a session
  • Destroy all session
  • +
  • Refresh Page
  • +
  • Turnoff JwtSession