保持苗条的会话

Question

I'm working on a web app using Slim, but I'm facing an issue with setting and persisting sessions.

Here is my index.php . I am trying to set a csrfToken key in the $_SESSION array, so that every request that is made through the app checks if the user has a csrfToken key, if not it will create one.

I'm just confused as to why it isn't persisting because on the next request it's gone. session_start is being called, it's being called automatically by '\\Slim\\Middleware\\SessionCookie'.

Any ideas why this wouldn't be working? And would it be better to place this into middleware or use a hook?

use duncan3dc\Laravel\Blade;
use duncan3dc\Helpers\Env;

# TODO: Bootstrap the app. Move this to a seperate file. Dev only.
R::setup('mysql:host=localhost;dbname=somedb','user','pass');

$app = new \Slim\Slim(array(
  'mode' => 'development',
  'templates.path' => './views',
  'cookies.encrypt' => true,
  'cookies.secret_key' => 'mylongsecretkey',
  'cookies.cipher' => MCRYPT_RIJNDAEL_256,
  'cookies.cipher_mode' => MCRYPT_MODE_CBC
));

$app->add(new \Slim\Middleware\SessionCookie(array(
  'expires' => '10 minutes',
  'path' => '/',
  'domain' => 'site.com',
  'secure' => false, # Contact client to discuss using SSL
  'httponly' => false,
  'name' => '_sus',
  'secret' => 'mylongsecretkey', # Do I need this twice?
  'cipher' => MCRYPT_RIJNDAEL_256,
  'cipher_mode' => MCRYPT_MODE_CBC
)));

# Not persisting ...
if(!isset($_SESSION['csrfToken']))
    $_SESSION['csrfToken'] = hash("sha512",mt_rand(0,mt_getrandmax()));

# TODO: Bootstrap these.
require 'routes/index.php';
require 'routes/dashboard.php';
require 'routes/signup.php';
require 'routes/contactus.php';
require 'routes/privacypolicy.php';
require 'routes/testimonials.php';
require 'routes/login.php';

$app->run();

Answer 1

I figured out how to do it after reading more into hooks .

$app->hook('slim.before.router', function() use ($app){
    if(!isset($_SESSION['csrfToken']))
        $_SESSION['csrfToken'] = hash("sha512",mt_rand(0,mt_getrandmax()));
});