Session token theft detection
This package provides small library for token theft detection.
The preferred way to install this library is through composer.
Either run
php composer.phar require "hiqdev/session-keeper"
or add
"hiqdev/session-keeper": "*"
to the require section of your composer.json.
- Save for every session:
- is it secure (user chooses)
- browser fingerprint
- IP address
- Session can be revalidated by
- current fingerprint
- IP address
- Conditions:
- changed fingerprint - kill session, must relogin
- changed IP:
- the IP is secure - ok
- the IP is unknown - kill session, must relogin
This project is released under the terms of the MIT license. Read more here.
Copyright © 2019, HiQDev (http://hiqdev.com/)