The PHP Secure Stateless Cookies Class lets you create a system that authenticates with secure cookies instead of using PHP sessions. Furthermore, it allows for:
- Secure password hashing
- Secure cookie hashing
- Automatically updates md5 passwords
- Can interpret (Non-Portable) PHPass hashes without changing your current user database
DocumentationCheck out the documentation for code samples and usage.
PurposeThere is quite a bit of discussion between stateful and stateless. For a better understanding of stateless cookies and stateless PHP applications, consider reading the article Hardened Stateless Session Cookies (PDF) by Steven J. Murdoch.
- Release version
- Added a much more secure salting algorithm
- Updated properties to follow OOP standard
- Added verifyAuth as security measure