Download the PHP package victory7/ezsession without Composer
On this page you can find all versions of the php package victory7/ezsession. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download victory7/ezsession
More information about victory7/ezsession
Files in victory7/ezsession
Package ezsession
Short Description ezsession is a versatile PHP session handler designed to provide seamless session management by combining the strengths of relational databases (MySQL), key-value stores (Redis), and JWT tokens. It offers developers flexible, secure, and scalable session storage, making it ideal for applications requiring high-performance, distributed, and stateless authentication systems. With ezsession, you can customize your session storage strategy to suit a variety of use cases while ensuring enhanced security and simplified management.
License MIT
Informations about the package ezsession
EzSession - Standalone by JWT, Write & Read On-Demand
ezsession
is a PHP session management library focused on an on-demand write and read strategy to optimize session data handling. It efficiently manages sessions using in-memory cache (e.g., Redis), permanent storage (e.g., MySQL), and JWT tokens, minimizing unnecessary storage queries and providing easy access to JWT for custom data handling. This approach ensures that session data is only written when required, significantly reducing storage operations and improving overall performance.
Features
- Write-On-Demand: Data is only written to storage when necessary, reducing the number of storage operations.
- Flexible Backend Storage: Uses Redis, memcached, APCu, ... for caching, SQLight, MySQL, Postgres, MongoDB, ... for persistent storage, and JWT for stateless session management.
- Easy Integration: Plug-and-play session management for PHP applications.
- Scalable & Secure: Optimizes read and write operations to ensure data persistence and secure session management.
Requirements
- PHP 7.4 or higher
- Redis server (for caching backend)
- MySQL server (for persistent storage)
Installation
You can install ezsession
using Composer. Simply run:
Then, include the autoloader in your script:
Configuration
Redis & MySQL Setup
Before using ezsession
, make sure you have access to a running Redis and MySQL server. Update your database credentials and Redis configuration accordingly.
Usage
To use ezsession
in your PHP application, initialize the session handler and start a session as follows:
How It Works
ezsession
handles session data efficiently by using a combination of JWT tokens, Redis, and MySQL to reduce unnecessary storage operations:
-
Session Initialization: On the first request,
ezsession
generates a session ID using a UUID and issues a JWT token signed with your application secret key. This token is returned as a session cookie (with the name defined in the configuration). -
Subsequent Requests: For the rest of the requests, the session token is retrieved either via the same cookie or from the
Authorization
Bearer header. After validation,ezsession
checks the"stored"
flag in the JWT:- If the
"stored"
flag isfalse
, it means there is no data in the cache or permanent storage, so the JWT value is returned to$_SESSION
and is accessible via$_SESSION['jwt']
. - If nothing has been written to the session,
ezsession
does not write anything to cache or database and does not perform any queries.
- If the
-
Writing to Session: When something is written to the session (e.g.,
$_SESSION['name'] = 'John';
),ezsession
stores this data in both Redis and MySQL, updates the"stored"
flag totrue
, and generates a new JWT token. This updated token is then returned to the client, replacing the previous token automatically. -
Data Retrieval: When the
"stored"
flag istrue
,ezsession
first checks Redis for the data:- If the data is found in Redis, it is returned.
- If not,
ezsession
queries MySQL, and if the data is found, it caches it in Redis for future requests.
- Unset Session Values: If all session values are unset, the
"stored"
flag is set back tofalse
, and requests are handled purely through the JWT without accessing cache or database.
Working with JWT Data
A key feature of ezsession
is the ability to add, modify, or delete custom data in the JWT token directly:
-
Access the JWT data using
$_SESSION['jwt']
. For example, you can add auser_id
to the JWT like this: - Modifying the JWT in this way forces
ezsession
to regenerate the token and send it back through subsequent requests, minimizing session storage queries.
Example Usage
Contributing
Contributions are welcome! Feel free to fork this repository, make your changes, and submit a pull request. Let's make session management easier for everyone.
License
ezsession
is licensed under the MIT License. See LICENSE for more details.
Support
If you encounter any issues or have questions, please open an issue on GitHub or contact me at [email protected].
Future Improvements
- Enhanced JWT Features: Add more advanced JWT functionality, such as expiration handling.
- Flexible Backends: Support for additional databases and caching systems.
- Improved Performance: Further optimize the read/write strategies.
Thank you for using ezsession
! We hope it makes your session management process more enjoyable.