feat(auth): implement token-based tab session isolation using JWT

This commit is contained in:
cygouw
2026-06-12 16:07:49 +07:00
parent 91fa872970
commit d25df07984
3 changed files with 85 additions and 1 deletions
+4
View File
@@ -41,8 +41,12 @@ if ($action === 'login' && $_SERVER['REQUEST_METHOD'] === 'POST') {
auditLog($db, (int)$user['id'], 'LOGIN', 'users', (int)$user['id']);
// Generate JWT token for tab-session isolation
$token = jwt_encode($_SESSION['user'], JWT_SECRET);
jsonResponse([
'success' => true,
'token' => $token,
'user' => $_SESSION['user']
]);
}