diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2020-10-06 23:19:45 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-10-06 23:19:45 +0200 |
| commit | 0319cc9d234e107109d988f36f2361b25f9f0777 (patch) | |
| tree | e373d93694297e36056d9888141d3233d0686260 /app/Controllers/authController.php | |
| parent | 3aed0b95534c60b26254292e951c8a9c5badc786 (diff) | |
Minz allow parallel sessions (#3096)
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
Diffstat (limited to 'app/Controllers/authController.php')
| -rw-r--r-- | app/Controllers/authController.php | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index e7bff363e..342c577e2 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -141,9 +141,11 @@ class FreshRSS_auth_Controller extends Minz_ActionController { ); if ($ok) { // Set session parameter to give access to the user. - Minz_Session::_param('currentUser', $username); - Minz_Session::_param('passwordHash', $conf->passwordHash); - Minz_Session::_param('csrf'); + Minz_Session::_params([ + 'currentUser' => $username, + 'passwordHash' => $conf->passwordHash, + 'csrf' => false, + ]); FreshRSS_Auth::giveAccess(); // Set cookie parameter if nedded. @@ -190,9 +192,11 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $ok = password_verify($password, $s); unset($password); if ($ok) { - Minz_Session::_param('currentUser', $username); - Minz_Session::_param('passwordHash', $s); - Minz_Session::_param('csrf'); + Minz_Session::_params([ + 'currentUser' => $username, + 'passwordHash' => $s, + 'csrf' => false, + ]); FreshRSS_Auth::giveAccess(); Minz_Translate::init($conf->language); |