-
-
Notifications
You must be signed in to change notification settings - Fork 27
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #87 from froschdesign/hotfix/docs/validators
Reorganize and expand session validators documentation
- Loading branch information
Showing
6 changed files
with
81 additions
and
61 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| # Http User Agent | ||
|
|
||
| `Laminas\Session\Validator\HttpUserAgent` provides a validator to check the session | ||
| against the originally stored `$_SERVER['HTTP_USER_AGENT']` variable. Validation | ||
| will fail in the event that this does not match and throws an exception in | ||
| `Laminas\Session\SessionManager` after `session_start()` has been called. | ||
|
|
||
| ## Basic Usage | ||
|
|
||
| ```php | ||
| $manager = new Laminas\Session\SessionManager(); | ||
| $manager->getValidatorChain()->attach( | ||
| 'session.validate', | ||
| [ | ||
| new Laminas\Session\Validator\HttpUserAgent(), | ||
| 'isValid' | ||
| ] | ||
| ); | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| # Introduction | ||
|
|
||
| laminas-session provides a set of validators that provide protections against session hijacking and against unauthorized requests. | ||
|
|
||
| - [Http User Agent](httpuseragent.md) | ||
| - [Remote Addr](remoteaddr.md) | ||
| - [Writing Custom Validators](writing-custom-validators.md) | ||
|
|
||
| These validators are based on Laminas component for validation of data and files: [laminas-validator](https://docs.laminas.dev/laminas-validator/). | ||
|
|
||
| > MISSING: **Installation Requirements** | ||
| > The validation support of laminas-session depends on the [laminas-validator](https://docs.laminas.dev/laminas-validator/) component, so be sure to have it installed before getting started: | ||
| > | ||
| > ```bash | ||
| > $ composer require laminas/laminas-validator | ||
| > ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Remote Addr | ||
|
|
||
| `Laminas\Session\Validator\RemoteAddr` provides a validator to check the session | ||
| against the originally stored `$_SERVER['REMOTE_ADDR']` variable. Validation | ||
| will fail in the event that this does not match and throws an exception in | ||
| `Laminas\Session\SessionManager` after `session_start()` has been called. | ||
|
|
||
| > MISSING: **Installation Requirements** | ||
| > The validation of the IP address depends on the [laminas-http](https://docs.laminas.dev/laminas-http/) component, so be sure to have it installed before getting started: | ||
| > | ||
| > ```bash | ||
| > $ composer require laminas/laminas-http | ||
| > ``` | ||
| ## Basic Usage | ||
| ```php | ||
| $manager = new Laminas\Session\SessionManager(); | ||
| $manager->getValidatorChain()->attach( | ||
| 'session.validate', | ||
| [ | ||
| new Laminas\Session\Validator\RemoteAddr(), | ||
| 'isValid' | ||
| ] | ||
| ); | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| # Writing Custom Validators | ||
|
|
||
| Own custom validators can be provided to validate against other items from storing a token and validating a token to other various techniques. | ||
| To create a custom validator, the validation interface `Laminas\Session\Validator\ValidatorInterface` _must_ be implemented. | ||
|
|
||
| More information on how to create custom validators can be found in the [laminas-validator documentation](https://docs.laminas.dev/laminas-validator/writing-validators/). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters