PHPackages                             ellipse/session-validation - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Validation & Sanitization](/categories/validation)
4. /
5. ellipse/session-validation

ActiveLibrary[Validation & Sanitization](/categories/validation)

ellipse/session-validation
==========================

Psr-15 middleware allowing to validate the user session ownership

1.0.2(8y ago)07011MITPHPPHP >=7.0

Since Nov 18Pushed 8y ago1 watchersCompare

[ Source](https://github.com/ellipsephp/session-validation)[ Packagist](https://packagist.org/packages/ellipse/session-validation)[ Docs](https://github.com/ellipsephp/session-validation)[ RSS](/packages/ellipse-session-validation/feed)WikiDiscussions master Synced 3d ago

READMEChangelogDependencies (5)Versions (4)Used By (1)

Session validation
==================

[](#session-validation)

This package provides a [Psr-15 middleware](https://www.php-fig.org/psr/psr-15/) allowing to validate the user session ownership.

**Require** php >= 7.0

**Installation** `composer require ellipse/session-validation`

**Run tests** `./vendor/bin/kahlan`

- [Using the validate session middleware](#using-the-validate-session-middleware)

Using the validate session middleware
=====================================

[](#using-the-validate-session-middleware)

This middleware let the developper define a callable producing a client signature from the processed Psr-7 request. This signature is stored in the session so the subsequent request client signatures can be compared to the saved one. When they do not match the session data are unset and the session id gets regenerated.

The callable passed to the middleware is called with the Psr-7 request being processed and must return an associative array containing client specific data. For example it's ip address or user agent.

The middleware can of course be used after the `StartSessionMiddleware` from [ellipse/session-start](https://github.com/ellipsephp/session-start) in order to start a session.

```