Hi André,
With the current functionality of ISAM, I don't think it's possible.
However, leveraging infomap (or any other EAI for that matter) it should be doable.
If you activate the DSC, your sessions are stored and managed there and the cookie is just a link to the session. You could store something like encrypt($sessionStartTimestamp:$sessionID) in a persistent cookie with a lifetime of 24h.
Every time the cookie comes in, infomap/EAI decrypts the content and validates the timestamp is less than 24h ago. If that is the case, the session should still be in DSC and you should be able to continue the session, even after a browser restart.
Even in the worst case scenario where an attacker may break your encryption and manage to forge the sessionStartTimestamp, the session would have expired on DSC after 24h and therefore it would result in an error situation rather than granting access.
Depending on how much of your authentication/authorization flow is (already) executed in infomap/EAI, this may or may not be suitable for your current setup.
This idea is pure theory (I didn't test any of it), but I thought I'd share it nonetheless :)
Hope it helps in any way.
Kind regards,
------------------------------
Kristof Goossens
------------------------------
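The cookie scheme described in the reply above, as an added example that is not part of the original post and not ISAM code: it runs under Node.js rather than inside an infomap rule, and the AES-256-GCM cipher, the key handling and the function names `sealCookie`/`openCookie` are assumptions. Authenticated encryption is used so that a modified cookie is rejected instead of decrypting to a different timestamp.

```javascript
// Added example: runs under Node.js, not inside an ISAM infomap rule.
const crypto = require("node:crypto");

const MAX_AGE_MS = 24 * 60 * 60 * 1000; // 24h lifetime from the post
const KEY = crypto.randomBytes(32);     // constructed key; load from a secret store in practice

// Seal "$sessionStartTimestamp:$sessionID" with AES-256-GCM (assumed cipher).
function sealCookie(sessionStartMs, sessionId, key = KEY) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([
    cipher.update(`${sessionStartMs}:${sessionId}`, "utf8"),
    cipher.final(),
  ]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]).toString("base64url");
}

// Returns { sessionId } when the cookie is authentic and younger than 24h,
// otherwise { error }. The caller must still look the session up in the DSC.
function openCookie(value, nowMs = Date.now(), key = KEY) {
  let plain;
  try {
    const raw = Buffer.from(String(value), "base64url");
    if (raw.length < 12 + 16 + 1) return { error: "malformed" };
    const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
    decipher.setAuthTag(raw.subarray(12, 28));
    plain = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
  } catch (e) {
    return { error: "tampered" }; // wrong key or modified ciphertext
  }
  const sep = plain.indexOf(":");
  const start = Number(plain.slice(0, sep));
  const sessionId = plain.slice(sep + 1);
  if (sep < 1 || !Number.isSafeInteger(start) || sessionId === "") return { error: "malformed" };
  if (start > nowMs) return { error: "future-timestamp" };
  if (nowMs - start >= MAX_AGE_MS) return { error: "expired" };
  return { sessionId };
}
```

A `{ sessionId }` result only means the cookie is authentic and fresh; the session lookup in the DSC remains the authoritative check, as the reply notes.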
Original Message:
Sent: 01-18-2019 09:07 AM
From: André Leruitte
Subject: Anyone implemented a persistent session ?
Hi everybody,
We are trying to implement a feature that seemed simple on paper but that is proving difficult to implement with ISAM:
- once a user is authenticated, his session should last 24 hours
- if the user completely closes his browser and comes back later during the 24-hour period, he should still be authenticated
ISAM uses (temporary) session cookies for representing authenticated sessions. These cookies are automatically deleted by the browser when it's closed.
We haven't found a way to interact with that cookie, and at the moment we haven't found any workaround that would allow us to do what we need.
Has anyone implemented persistent sessions in any kind of way?
Or does anyone have some clues on how we could achieve that with ISAM?
Thanks in advance for any information that would help us.
------------------------------
André Leruitte
------------------------------