The PHP Secure Stateless Cookies Class lets you create a system that authenticates with secure cookies instead of using PHP sessions. Furthermore, it allows for:
- Secure password hashing
- Secure cookie hashing
- Automatically updates md5 passwords
- Can interpret (Non-Portable) PHPass hashes without changing your current user database
Check out the documentation for code samples and usage.
There is quite a bit of discussion between stateful and stateless. For a better understanding of stateless cookies and stateless PHP applications, consider reading the article Hardened Stateless Session Cookies (PDF) by Steven J. Murdoch.
- Release version
- Added a much more secure salting algorithm
- Updated properties to follow OOP standard
- Added verifyAuth as security measure
- Updated encryption method
- Added _switchUserTo method
- Added _switchUserBack method
- Added _setcookie method
- Added remember me cookie