Extension:SecureSessions/Internals

This page is an overview of the internals of Extension:SecureSessions, in order to facilitate its maintenance.

Classes
There are one main class,, and a secondary class,.

A setup function creates the main object ; this objects has 5 main methods corresponding to the hooks, and three private properties about configuration :   (sessions restricted to the IP),   (sessions restricted to the user agent),   (only one session is authorized).

SecureSessions uses the library geoip-api-php from MaxMind for the mechanism of country restriction. It is in the subdirectory  and the IP database is in the subdirectory.

Data model
SecureSessions works with informations stored in: cookies, PHP sessions, object cache, user preferences.

Cookies:
 * RestrictUA
 * RestrictIP

PHP sessions:
 * wsUserAgent
 * wsIPAddress
 * wsObsolete
 * wsExpiry
 * id

Object cache:
 * Keys {wikiPrefix}:{userID}:sessions

User preferences:
 * securesessions-country, available in "personal/info" when cldr is activated
 * securesessions-tor, available in "personal/info" when TorBlock is activated