xle/tt-rss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add optional encryption for stored session data using Sodium library

Browse Source
This commit is contained in:
Andrew Dolgov
2025-04-07 20:08:17 +03:00
parent bb2c4b3801
commit 026d68fc2d
3 changed files with 69 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
classes/Sessions.php
View File

@@ -58,7 +58,17 @@ class Sessions implements \SessionHandlerInterface {
$sth->execute([$id]);
if ($row = $sth->fetch()) {
return base64_decode($row['data']);
$data = base64_decode($row['data']);
if (Config::get(Config::SODIUM_ENCRYPTION_KEY)) {
$unserialized_data = unserialize($data);
if ($unserialized_data !== false)
return Config::decrypt_string($unserialized_data);
}
// if Sodium key is missing or session data is not in serialized format, return as-is
return $data;
}
$expire = time() + $this->session_expire;
@@ -69,7 +79,12 @@ class Sessions implements \SessionHandlerInterface {
}
public function write(string $id, string $data): bool {
if (Config::get(Config::SODIUM_ENCRYPTION_KEY))
$data = serialize(Config::encrypt_string($data));
$data = base64_encode($data);
$expire = time() + $this->session_expire;
$sth = Db::pdo()->prepare('SELECT id FROM ttrss_sessions WHERE id=?');