legalthings / mongodb-session-handler
A session handler that stores structured data in MongoDB
Installs: 9 923
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 8
Forks: 0
Open Issues: 1
Requires
- php: >=7.1
- ext-mongodb: *
- mongodb/mongodb: ^1.3
- paragonie/random_compat: ^2.0
Requires (Dev)
- phpunit/phpunit: ^5.6
This package is auto-updated.
Last update: 2024-04-11 18:13:15 UTC
README
The LegalThings MongoDB session handler stores sessions as structured data in MongoDB. This allows a process to fetch and modify or remove a session based on its data.
Use cases
Remove user sessions when a password changes
When you change your password, you want to remove all the other sessions of the user. This is a security measure, the old password may be comprimised and a hacker may already have logged in. Without invalidating his session, he can continue to use the user account even after the password has changed.
Cache and update user information
For performance reasons you might store the user's information like name, image, team name, etc in the session. When a team changes it's name, you want to find all the sessions of the users within that team and update the information.
Installation
composer require legalthings/mongodb-session-handler
This libary uses the legacy Mongo driver. If you're running PHP7 or simply are already using the new MongoDB
driver, please install alcaeus/mongo-php-adapter.
Usage
$mongo = new MongoClient(); $collection = $mongo->some_db->sessions; $handler = new MongodbSessionHandler($collection); session_set_save_handler($handler);
To create read-only sessions use new MongodbSessionHandler($collection, 'r')