jlsalvador / yii-db-http-token-session
YiiDbHttpTokenSession is a Yii extension that extends CDbHttpSession by using a database as a token-session linker for each request-response without the need of a cookie or PHPSESSID usage (like a Rest Api solution).
Installs: 7
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 0
Type:yii-extension
This package is not auto-updated.
Last update: 2024-05-20 14:16:30 UTC
README
YiiDbHttpTokenSession is a Yii extension that extends CDbHttpSession by using a database as a token-session linker for each request-response without the need of a cookie or PHPSESSID usage (like a Rest Api solution).
How it works
The first time that you make a request and your application use a PHP session, a token will be generated and will be echoed in the HTTP header response like Token: 12345678901234567890123456789012
.
Use this token in the next HTTP header request to continue the session, like Token: 12345678901234567890123456789012
. You can use the HTTP parameter _t
too (by default).
Each request generate a new Token that will be sent to the HTTP header response.
Requirements
- PHP 5.3.0 (older versions untested)
- YiiFramework 1.1.13 (older versions untested)
Install
-
Get the source in one of the following ways:
- Download the lasted version and place the files under
protected/extensions/YiiDbHttpTokenSession/
under your application root directory. - Add this repository as a git submodule to your repository by calling under your application root directory:
git submodule add https://github.com/jlsalvador/YiiDbHttpTokenSession.git protected/extensions/YiiDbHttpTokenSession
- Download the lasted version and place the files under
-
Edit your application configuration and set the session component to YiiDbHttpTokenSession:
'components'=>array( 'session'=>array( 'class'=>'ext.YiiDbHttpTokenSession', 'connectionID'=>'db', // Set the database Yii component, it's optional. 'tokenRequestKeyName'=>'_t', // The $_REQUEST index name that will store a token id instead the HTTP header, defaults to '_t'. 'tokenHeaderKeyName'=>'HTTP_TOKEN', // The $_SERVER index name that will store a token id, defaults to 'HTTP_TOKEN'. 'tokenTimeout'=>1440, // The number of seconds after which data will be seen as garbage and cleaned up, defaults to 1440 seconds. 'tokenTableName'=>'YiiToken', // The token table name, defaults to 'YiiToken'. 'autoCreateTokenTable'=>true, // Whether the token DB table should be automatically created if not exists, defaults to true. ), ),
Examples
JavaScript:
var tokenId = '12345678901234567890123456789012'; // Set here your last token id from the HTTP header response. $.ajax({ beforeSend: function (xhr) { xhr.setRequestHeader('Token', tokenId); }, url:'http://my-site.com/api/work', type:'GET', success:function(data) { console.log(data); }, error:function (xhr, ajaxOptions, thrownError){ console.log(xhr.responseText); } }).then(function (data, textStatus, xhr) { tokenId = xhr.getResponseHeader('Token'); // This set the next token id for the next request. });
CURL:
curl -i -H "Accept: application/json" -H "Token: 12345678901234567890123456789012" http://my-site.com/api/work
Contributors
License
YiiDbHttpTokenSession is released under the GNU Lesser General Public License.