Added session and csrf token to bootstrap.
@@ -1,4 +1,21 @@
|
||||
<?php declare(strict_types=1);
|
||||
|
||||
// -----------------------------------------------------------------------------
|
||||
// Session
|
||||
// -----------------------------------------------------------------------------
|
||||
session_start([
|
||||
'cookie_httponly' => true,
|
||||
'cookie_secure' => !empty($_SERVER['HTTPS']),
|
||||
'cookie_samesite' => 'Lax',
|
||||
]);
|
||||
|
||||
// Add a csrf token to our session
|
||||
if (empty($_SESSION['csrf_token'])) {
|
||||
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
|
||||
}
|
||||
|
||||
// -----------------------------------------------------------------------------
|
||||
// Helpers/additions
|
||||
// -----------------------------------------------------------------------------
|
||||
require_once ROOT.'/src/helpers.php';
|
||||
require_once ROOT.'/src/database.php';
|
||||
|
||||
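Review bot: `'cookie_secure' => !empty($_SERVER['HTTPS'])` in the `session_start()` options ties the Secure flag to how each individual request reaches PHP. Behind a TLS-terminating proxy the key is usually unset, so the session cookie (and with it the CSRF token's session) would be issued without Secure; on servers that set the value to `off` for plain HTTP, the check is true and the cookie is never sent back. Taking the flag from deployment configuration, for example `'cookie_secure' => true` in production, avoids both cases. The same options array could also carry `'use_strict_mode' => true`, so that a session ID supplied by the client but not issued by the server is rejected rather than adopted. Token verification is not visible on this page; wherever it lives, the comparison should use `hash_equals()`.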