Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== Session Management ======
+The session management system currently in use by glFusion is very simple and does not provide any features beyond tracking if the user is logged in or not.
+The goal of this project will be to develop an enhanced session management system that will be shared by the core glFusion code and all plugins.
+===== Requirements =====
+  * Information or state must be stored.  For example, any user submitted data must be maintained across multiple HTTP requests.
+  * Each HTTP request must carry an identifier that allows the server to process the request in the context of the stored state.
+  * Sessions need to have a timeout . Otherwise, if a user leaves the web site, there is no way the server can tell when the session should end.
+  * Sessions need to be able to track multiple levels of authentication.  For example, when performing an admin function, a new session should be created and validated (password required) before the admin function is allowed.
+  * Sessions must be scalable.  The solution must be reasonably scalable and work in a shared hosting environment.  glFusion’s goal is to run with under the restrictions imposed by most commercial hosting services.
+  * Sessions must be secure.  Reasonable steps must be taken to ensure session ids cannot be stolen or reused.
+===== Skills Needed =====
+A strong understanding of PHP and SQL databases will be required.    Understanding the current authentication and session management system in glFusion is also required.
+===== Difficulty =====
+Moderate
+Session management in PHP is not anything new.  The challenge will be implementing the necessary hooks to allow plugins to utilize the session infrastructure.
+===== Licensing =====
+All code must be created using the GNU General Public License