| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add ldap connectiongitolite_local/ldap | Ismaël Bouya | 2021-02-08 | 1 | -2/+2 |
| | | |||||
| * | SessionManager+LoginManager: fix checkLoginState logic | VirtualTam | 2018-06-02 | 1 | -1/+4 |
| | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net> | ||||
| * | SessionManager: remove unused UID token | VirtualTam | 2018-06-02 | 1 | -6/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | There already are dedicated tokens for: - CSRF protection - user stay-signed-in feature, via cookie This token was most likely intended as a randomly generated, server-side, secret key to be used when generating hashes. See http://sebsauvage.net/wiki/doku.php?id=php:session [FR] Relevant section: Une clé secrète unique aléatoire est générée côté serveur (et jamais envoyée). Elle peut servir pour signer les formulaires (HMAC) ou générer des token de formulaires (protection contre XSRF). Voir $_SESSION['uid']. Translation: A unique, server-side secret key is randomly generated (and never transmitted). It can be used to sign forms (HMAC) or generate form tokens (protection against XSRF). See $_SESSION['uid'] Signed-off-by: VirtualTam <virtualtam@flibidi.net> | ||||
| * | Refactor LoginManager stay-signed-in token management | VirtualTam | 2018-06-02 | 1 | -3/+0 |
| | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net> | ||||
| * | Refactor session and cookie timeout control | VirtualTam | 2018-06-02 | 1 | -11/+37 |
| | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net> | ||||
| * | Move LoginManager and SessionManager to the Security namespace | VirtualTam | 2018-06-02 | 1 | -0/+179 |
| Signed-off-by: VirtualTam <virtualtam@flibidi.net> | |||||
 |
index : Shaarli | |
| The personal, minimalist, super-fast, database free, bookmarking service - community repo | Immae |
| aboutsummaryrefslogtreecommitdiffhomepage |