Christoph Wurst
3ab922601a
Check if session token is valid and log user out if the check fails
...
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Lukas Reschke
8222ad5157
Move logout to controller
...
Testable code. Yay.
2016-04-18 21:21:52 +02:00
Lukas Reschke
d4a93893bb
Also check for an empty string
...
PHP. Yay.
2016-04-15 19:53:14 +02:00
Lukas Reschke
fee95084ae
Rename `username` to `loginName`
...
UID and login name are two different things.
2016-04-15 19:02:19 +02:00
Lukas Reschke
8a650a51be
Use !== instead of empty
...
Users can be named null
2016-04-15 18:57:11 +02:00
Lukas Reschke
331e4efacb
Move login form into controller
...
First step on getting the authorisation stuff cleaned up. This is only for the login form, all other stuff is still where it is.
2016-04-15 17:36:23 +02:00
Lukas Reschke
a4b19a5b1e
Rename files to be PSR-4 compliant
2016-04-06 11:00:52 +02:00