Added session and csrf token to bootstrap.
@@ -1,4 +1,21 @@
|
|||||||
<?php declare(strict_types=1);
|
<?php declare(strict_types=1);
|
||||||
|
|
||||||
|
// -----------------------------------------------------------------------------
|
||||||
|
// Session
|
||||||
|
// -----------------------------------------------------------------------------
|
||||||
|
session_start([
|
||||||
|
'cookie_httponly' => true,
|
||||||
|
'cookie_secure' => !empty($_SERVER['HTTPS']),
|
||||||
|
'cookie_samesite' => 'Lax',
|
||||||
|
]);
|
||||||
|
|
||||||
|
// Add a csrf token to our session
|
||||||
|
if (empty($_SESSION['csrf_token'])) {
|
||||||
|
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
|
||||||
|
}
|
||||||
|
|
||||||
|
// -----------------------------------------------------------------------------
|
||||||
|
// Helpers/additions
|
||||||
|
// -----------------------------------------------------------------------------
|
||||||
require_once ROOT.'/src/helpers.php';
|
require_once ROOT.'/src/helpers.php';
|
||||||
require_once ROOT.'/src/database.php';
|
require_once ROOT.'/src/database.php';
|
||||||
|
|||||||
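Review bot: The options array passed to `session_start()` leaves `session.use_strict_mode` at its php.ini value, which is off by default, so PHP will accept a client-supplied session ID that it never issued; adding `'use_strict_mode' => true,` to the array closes that session-fixation path. `'cookie_secure' => !empty($_SERVER['HTTPS'])` also ties the Secure flag to what the PHP process itself sees: behind a TLS-terminating proxy the key is usually unset and the flag is dropped, and on some servers (IIS is documented to report `off`) the non-empty value sets the flag on plain HTTP. Taking the flag from deployment configuration would be more predictable. The code that compares a submitted token with `$_SESSION['csrf_token']` is not part of this hunk; it should use `hash_equals()` rather than `==`.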