Merge pull request 'MAPG-230 renew session cookie if it already exists' (#44) from bugfix/MAPG-230-session-s-cookie-is-not-renewed into develop
All checks were successful
default-pipeline default-pipeline #203
All checks were successful
default-pipeline default-pipeline #203
Reviewed-on: https://gitea.e5tv.hu/esoko/mapguesser/pulls/44
This commit is contained in:
commit
1c3238e64e
14
web.php
14
web.php
@ -74,13 +74,23 @@ if (isset($_COOKIE['COOKIES_CONSENT'])) {
|
||||
|
||||
session_set_save_handler(Container::$sessionHandler, true);
|
||||
session_start([
|
||||
'gc_maxlifetime' => 604800,
|
||||
'gc_probability' => 0, // old sessions are deleted by MaintainDatabaseCommand
|
||||
'cookie_lifetime' => 604800, // TODO: cookie is not renewed so session can be lost
|
||||
'cookie_lifetime' => 604800,
|
||||
'cookie_path' => '/',
|
||||
'cookie_httponly' => true,
|
||||
'cookie_samesite' => 'Lax'
|
||||
]);
|
||||
|
||||
if (isset($_COOKIE[session_name()])) {
|
||||
// extend session cookie lifetime is cookie already exists
|
||||
setcookie(session_name(), session_id(), [
|
||||
'expires' => time() + 604800,
|
||||
'path' => '/',
|
||||
'httponly' => true,
|
||||
'samesite' => 'Lax'
|
||||
]);
|
||||
}
|
||||
|
||||
// this is needed to handle old type of session IDs
|
||||
if (!Container::$sessionHandler->validateId(session_id())) {
|
||||
session_regenerate_id(true);
|
||||
|
Loading…
Reference in New Issue
Block a user