Skip to content

Commit

Permalink
Regenerate the session ID after logging in to avoid Session Fixation …
Browse files Browse the repository at this point in the history 
…attacks
  • Loading branch information
@alextselegidis
alextselegidis committed Apr 15, 2023
1 parent 75b2473 commit 7f37350
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions application/controllers/Login.php
View file
Expand Up @@ -76,6 +76,8 @@ public function validate()
{
throw new InvalidArgumentException('Invalid credentials provided, please try again.');
}

$this->session->sess_regenerate();

session($user_data); // Save data in the session.

Expand Down

0 comments on commit 7f37350

Please sign in to comment.