Reputation: 2733
PHP $_SESSION and Backbone.js Session Model
I was wondering how to use my php session client-side using backbone.js... and I had in idea:
Create a "session backbone model" as a "clone" of the php $_SESSION, a nested model with all the $_SESSION data needed client-side.
But I'm worried about security: with model.fetch i can keep the session model clean from hacks? What do you think about that?
Upvotes: 0
Views: 503
Answers (1)
Reputation: 6824
Backbone has no idea about any sessions. But like any javascript running on your page, it will be able to access the session cookie from your PHP server just fine (decoding document.cookie or similar).
As for securing the calls back to your server, making sure they only come from your application, that's a bit more challenging. If you're primarily worried about "external" hacking (request from other machines than the ones running your application), you could use a scheme where the session cookie contains the client IP address, and that your PHP server verifies that all requests comes with the proper session cookie (that the request IP address matches the one encoded in the cookie that came with it).
As for documentation on document.cookie, this link should be a good place to start:
How exactly does document.cookie work?
Upvotes: 1
Related Questions
- PHP session / json / javascript
- Sessions in AngularJS and PHP application
- SessionStorage in backbone doesn't work before refresh page
- echo php variable in backbone.js template
- Backbone and Session storage
- User session with backbone.js
- Tracking the user session using backbone.js
- manage sessions properly with express and backbone
- Accessing Session Variables in Single Page Applications
- Backbone, Node, Session validation, my method working, but tell me whether it is correct or not