diff --git a/authentication.php b/authentication.php index bc462b4..b3616db 100644 --- a/authentication.php +++ b/authentication.php @@ -84,6 +84,8 @@ class authentication */ public function logout ($url = "") { + if (! isset ($_SESSION)) + session_start (); if ($this->debug) echo "
LOGOUT\n";
     $authsession = new \authsession ();
     $param = $authsession->getdetails ();
@@ -112,6 +114,8 @@ class authentication
   public function pageHTML ($url = "")
   {
     // If the user is already connected, redirect to the main page of the site
+    if (! isset ($_SESSION))
+      session_start ();
     $auth = new \auth ();
     $pre = new \authparams (array ("session"));
     if (isset ($_SESSION["domframework"]["authentication"]["message"]))
@@ -134,6 +138,9 @@ class authentication
     */
   public function verifAuthLoginPage ($url = "")
   {
+    if (! isset ($_SESSION))
+      session_start ();
+    if ($this->debug) echo "Call verifAuthLoginPage ($url) : Start\n";
     // rate-limit the connections
     $ratelimiter = new \ratelimitfile ();
     // 3 connections by minutes
@@ -145,6 +152,7 @@ class authentication
       $ipClient = $_SERVER["REMOTE_ADDR"];
     if ($ratelimiter->set ("loggin-$ipClient") === false)
     {
+      if ($this->debug) echo "Call verifAuthLoginPage ($url) : Ratelimit\n";
       call_user_func ($this->loggingFunc,
                       LOG_WARNING,
                       "Ratelimiting for $ipClient");
@@ -163,6 +171,7 @@ class authentication
     $res = $this->verifAuth ($authparams->email, $authparams->password);
     if (! is_array ($res))
     {
+      if ($this->debug) echo "Call verifAuthLoginPage ($url) : ERROR\n";
       // Authentication error
       // Redirect to login page after logout
       call_user_func ($this->loggingFunc,
@@ -183,6 +192,7 @@ class authentication
       }
     }
     // Login OK : save in SESSION and go to main page
+    if ($this->debug) echo "Call verifAuthLoginPage ($url) : USER OK\n";
     call_user_func ($this->loggingFunc,
                     LOG_NOTICE,
                     "Logging in for '$authparams->email'");
@@ -229,6 +239,8 @@ class authentication
     */
   public function verifAuthHTML ()
   {
+    // Do not force the session_start ! We don't want the cookie on all the
+    // pages
     if ($this->debug)
       echo "=== entering verifAuthHTML (htmlMethods=".
         print_r ($this->htmlMethods, true).")\n";
@@ -353,6 +365,8 @@ class authentication
     $this->route
     ->get ("authentication/logout({url})?", function ($url) use ($authObj)
     {
+      if (! isset ($_SESSION))
+        session_start ();
       $authObj->logout ($url);
     })
 
@@ -363,12 +377,16 @@ class authentication
 
     ->get ("authentication/({url})?", function ($url) use ($authObj)
     {
+      if (! isset ($_SESSION))
+        session_start ();
       $authObj->pageHTML ($url);
       exit;
     })
 
     ->post ("authentication/({url})?", function ($url) use ($authObj)
     {
+      if (! isset ($_SESSION))
+        session_start ();
       $authObj->verifAuthLoginPage ($url);
       exit;
     })