Skip to content

hiqdev/session-keeper

Repository files navigation

Session Keeper

Session token theft detection

Latest Stable Version Total Downloads Build Status Scrutinizer Code Coverage Scrutinizer Code Quality

This package provides small library for token theft detection.

Installation

The preferred way to install this library is through composer.

Either run

php composer.phar require "hiqdev/session-keeper"

or add

"hiqdev/session-keeper": "*"

to the require section of your composer.json.

Idea

  • Save for every session:
    • is it secure (user chooses)
    • browser fingerprint
    • IP address
  • Session can be revalidated by
    • current fingerprint
    • IP address
  • Conditions:
    • changed fingerprint - kill session, must relogin
    • changed IP:
      • the IP is secure - ok
      • the IP is unknown - kill session, must relogin

License

This project is released under the terms of the MIT license. Read more here.

Copyright © 2019, HiQDev (http://hiqdev.com/)

Releases

No releases published

Packages

No packages published