https://github.com/hiqdev/session-keeper
Session token theft detection
https://github.com/hiqdev/session-keeper
hacktoberfest
Last synced: 12 months ago
JSON representation
Session token theft detection
- Host: GitHub
- URL: https://github.com/hiqdev/session-keeper
- Owner: hiqdev
- License: mit
- Created: 2019-11-23T20:07:28.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2019-12-07T17:56:00.000Z (over 6 years ago)
- Last Synced: 2025-04-07T07:41:26.314Z (about 1 year ago)
- Topics: hacktoberfest
- Language: PHP
- Size: 15.6 KB
- Stars: 5
- Watchers: 3
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Session Keeper
**Session token theft detection**
[](https://packagist.org/packages/hiqdev/session-keeper)
[](https://packagist.org/packages/hiqdev/session-keeper)
[](https://travis-ci.org/hiqdev/session-keeper)
[](https://scrutinizer-ci.com/g/hiqdev/session-keeper/)
[](https://scrutinizer-ci.com/g/hiqdev/session-keeper/)
This package provides small library for token theft detection.
## Installation
The preferred way to install this library is through [composer](http://getcomposer.org/download/).
Either run
```sh
php composer.phar require "hiqdev/session-keeper"
```
or add
```json
"hiqdev/session-keeper": "*"
```
to the require section of your composer.json.
## Idea
- Save for every session:
- is it secure (user chooses)
- browser fingerprint
- IP address
- Session can be revalidated by
- current fingerprint
- IP address
- Conditions:
- changed fingerprint - kill session, must relogin
- changed IP:
- the IP is secure - ok
- the IP is unknown - kill session, must relogin
## License
This project is released under the terms of the MIT [license](LICENSE).
Read more [here](http://choosealicense.com/licenses/mit).
Copyright © 2019, HiQDev (http://hiqdev.com/)