PHP download

Download the PHP package adbario/slim-secure-session-middleware without Composer

On this page you can find all versions of the php package adbario/slim-secure-session-middleware. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download adbario/slim-secure-session-middleware
More information about adbario/slim-secure-session-middleware
Files in adbario/slim-secure-session-middleware

Vendor adbario
Package slim-secure-session-middleware
Short Description Secure session middleware for Slim 3 framework
License MIT
Homepage https://github.com/adbario/slim-secure-session-middleware

Keywords middleware session slim

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Informations about the package slim-secure-session-middleware

Slim Secure Session Middleware

Secure session middleware for Slim 3 framework.

longer and more secure session id's
session data encryption
set session cookie path, domain and secure values automatically
extend session lifetime after each user activity
helper class to handle session values easily with namespaces and dot notation (Dot - PHP dot notation array access)

If you're on shared host and use sessions for storing sensitive data, it's a good idea to store session files in your custom location and encrypt them.

Installation

Via composer:

composer require adbario/slim-secure-session-middleware

Configuration

Create an array of session settings in you application settings. Please note that session lifetime is defined in minutes, not in seconds. Default settings for session:

$settings = [
    'session' => [
        // Session cookie settings
        'name'           => 'slim_session',
        'lifetime'       => 24,
        'path'           => '/',
        'domain'         => null,
        'secure'         => false,
        'httponly'       => true,

        // Set session cookie path, domain and secure automatically
        'cookie_autoset' => true,

        // Path where session files are stored, PHP's default path will be used if set null
        'save_path'      => null,

        // Session cache limiter
        'cache_limiter'  => 'nocache',

        // Extend session lifetime after each user activity
        'autorefresh'    => false,

        // Encrypt session data if string is set
        'encryption_key' => null,

        // Session namespace
        'namespace'      => 'slim_app'
    ]
];

Usage

Application

When creating application, inject all settings:

$app = new \Slim\App(['settings' => $settings]);

Middleware

Add middleware with session settings:

$app->add(new \Adbar\SessionMiddleware($settings['session']));

Sessions

This package comes with session helper class, but if you wish to use only PHP session superglobal, then you can skip the rest of this guide and just enjoy coding! Session security configuration is done within middleware, so by using native superglobal your session is still secure (and encrypted if you set up encryption key in settings).

Session helper class uses namespaces for sessions, so basically session variables are always inside an array and array's key is the namespace. If you insert key 'user' with value 'John' into namespace 'users', superglobal $_SESSION looks like this:

Array
(
    [users] => Array
        (
            [user] => John
        )
)

If you don't need session namespaces in your application, then you can just ignore all namespace related parts on this guide and set namespace name in settings to null (it will default to namespace "slim_app").

Basic usage

You can inject session helper class in application container:

$container['session'] = function ($container) {
    return new \Adbar\Session(
        $container->get('settings')['session']['namespace']
    );
};

If session helper class is injected in application container and can be used as an object, i.e. like this:

$app->get('/', function (Request $request, Response $response) {
    // Namespace is now picked up from settings
    $this->session->set('user', 'John');
})->setName('home);

Or anywhere in your code:

$session = new \Adbar\Session('my_namespace');
// Namespace is now 'my_namespace'
$session->set('user', 'John');

If you don't use session class from container and don't inject namespace when creating session object, then namespace is always 'slim_app':

$session = new \Adbar\Session;
// Namespace is now 'slim_app'
$session->set('user', 'John');

Setting values

Set single value:

$session->set('user', 'John');

// Array style
$session['user'] = 'John';

// Magic method
$session->user = 'John';

// Set value to specific namespace
$session->setTo('my_namespace', 'user', 'John');

// Dot notation can be used with all methods except magic method:
$session->set('user.firstname', 'John');
$session['user.firstname'] = 'John';
$session->setTo('my_namespace', 'user.firstname', 'John');

Set multiple values at once:

$user = ['firstname' => 'John', 'lastname' => 'Smith'];
$session->set($user);

// Or just simply
$session->set([
    'firstname' => 'John',
    'lastname'  => 'Smith
]);

// Set values to specific namespace
$session->setTo('my_namespace', $user);

// Dot notation
$session->set([
    'user.firstname' => 'John',
    'user.lastname'  => 'Smith'
]);

Get value

echo $session->get('user');

// Get default value if key doesn't exist
echo $session->get('user', 'some default user');

// Array style
echo $session['user'];

// Magic method
echo $session->user;

// From specific namespace
echo $session->getFrom('my_namespace', 'user');

// Dot notation
echo $session->get('user.firstname');

Add value

$session->add('users', 'Mary');

// Dot notation
$session->add('home.kids', 'Jerry');

Multiple value at once:

$session->add([
    'users' => 'Sue',
    'cars'  => 'Toyota'
]);

// Dot notation
$session->add([
    'users'     => ['Katie', 'Ben'],
    'home.kids' => ['Carl', 'Tom']
]);

Check if value exists

if ($session->has('user')) {
    // Do something...
}

// Array style
if (isset($session['user'])) {
    // Do something...
}

// Magic method
if (isset($session->user)) {
    // Do something...
}

// In specific namespace
if ($session->hasIn('my_namespace', 'user')) {
    // Do something...
}

// Dot notation
if ($session->has('user.firstname')) {
    // Do something...
}

Delete value

$session->delete('user');

// Array style
unset($session['user']);

// Magic method
unset($session->user);

// From specific namespace
$session->deleteFrom('my_namespace', 'user');

// Dot notation
$session->delete('user.firstname');

Multiple values at once:

$session->delete(['user', 'home']);

// From specific namespace
$session->deleteFrom('my_namespace', ['user', 'home'']);

// Dot notation
$session->delete(['user', 'home.kids']);

Clear values

Clear all values:

$session->clear();

// From specific namespace
$session->clearFrom('my_namespace');

Clear all values within specific session key:

$session->clear('user');

// From specific namespace
$session->clearFrom('my_namespace', 'user');

// Dot notation
$session->clear('home.kids');

Multiple values at once:

$session->clear(['user', 'home']);

// From specific namespace
$session->clearFrom('my_namespace', ['user', 'home']);

// Dot notation
$session->clear(['user', 'home.kids']);

Destroy session completely

$session->destroy();

// Static method
\Adbar\Session::destroy();

Regenerate session id

$session->regenerateId();

// Static method
\Adbar\Session::regenerateId();

Change namespace

$session->setNamespace('another_namespace');

Get current namespace

$namespace = $session->getNamespace();

Delete namespace

$session->deleteNamespace('namespace_to_delete');

All versions of slim-secure-session-middleware with dependencies

PHP Build Version

Package Version

Version 1.3.4 Release 04. Aug 2017
create-project require 0 people chose require and
0 people chose create-project.

Download

Download latest version of slim-secure-session-middleware from vendor adbario

Requires php Version >=5.5
slim/slim Version ~3.0
adbario/php-dot-notation Version ~1.2.0
paragonie/random_compat Version ^2.0

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package adbario/slim-secure-session-middleware contains the following files

Loading the files please wait ....