关于签名 cookie 而不是会话的提示 [英] Tips on signed cookies instead of sessions

问题描述

我正在考虑放弃 PHP 的 $_SESSION(即服务器端会话处理，以添加一些与语言无关的风格)并改用签名 cookie，因为我听说过很多关于它们(Flickr 使用它们，所以它们对我来说也应该足够好).

I'm considering ditching PHP's $_SESSION (i.e. the server-side session handling, to add some language-agnostic flavor) and using signed cookies instead, since I've heard so much good about them (Flickr uses them, so they ought to be good enough for me too).

我了解该技术的基本上下文:自由使用 cookie 将键值对从客户端传递到服务器，并对它们进行签名以确保这些值不被篡改.

I understand the basic context of the technique: Use cookies freely to pass key-value pairs from client to server, and sign them to make sure that the values aren't tampered with.

但是实现签名部分的好方法是什么?还;由于流量可能是 HTTP，是否有一种好方法可以使用此方法发送敏感数据(例如用户密码)，同时防止 cookie 窃取和/或篡改?

But what would be a good way to implement the signing part? Also; since the traffic will probably be HTTP, is there a good way to send sensitive data (such as a user's password) with this method, while working against cookie-stealing and/or tampering?

推荐答案

何必呢?

我不会将这种技术用于敏感数据.不过，它可以与常规会话结合使用 - 您可以为客户端提供一个带有普通会话 ID 的 cookie，但也可以包含您的应用程序在每个页面上需要的所有键/值对.这样，您就可以避免每次页面请求都占用会话存储空间.

Why bother?

I wouldn't use this technique for sensitive data. It can be useful in combination with a regular session though - you can give the client a cookie with a normal session id, but also include all those key/value pairs that your application needs on every page. This way, you can avoid hitting your session storage for every page request.

您的目标应该是保持数据量非常紧凑，因为它会随每个请求一起发送.

You should aim to keep the amount of data pretty tight, since it will be sent with every request.

考虑到这一点，接下来...

With that in mind, onwards...

如果数据不敏感，您可以使用 sha1 哈希对值进行签名，该哈希由键/值对和共享秘密.例如

If the data isn't sensitive, you can sign the values with sha1 hash made from a combination of the key/value pairs and a shared secret. e.g.

$values=array(
  'user_id'=>1,
  'foo'=>'bar'
);
$secret='MySecretSalt';

$plain="";
foreach($values as $key=>$value)
{
    $plain.=$key.'|'.$value.'|';
}
$plain.=$secret;
$hash=sha1($plain);

现在给客户端一个包含所有值和哈希值的 cookie.您可以在显示 cookie 时检查哈希.如果您根据客户端提供的值计算出的哈希值与预期的哈希值不匹配，则您知道这些值已被篡改.

Now give the client a cookie with all the values and the hash. You can check the hash when the cookie is presented. If the hash you calculate from values presented by the client doesn't match the expected hash, you know the values have been tampered with.

对于敏感数据，您需要对值进行加密.查看 mcrypt 扩展，它提供了许多加密功能.

For sensitive data, you'll need to encrypt the values. Check out the mcrypt extension which offers a lot of cryptographic functions.

关于 cookie 窃取，如果您将用户凭据放入 cookie 并信任它，那么获得该 cookie 的人可以冒充该用户，直到更改密码.一个好的做法是记住您如何对用户进行身份验证，并且仅在用户明确登录时才授予某些权限.例如，对于论坛，您可以让某人发帖，但不能更改他们的帐户详细信息(例如电子邮件地址).

With regards to cookie stealing, if you're putting user credentials into a cookie and trusting it, then someone who obtains that cookie can impersonate that user until the password is changed. A good practice is to remember how you authenticated a user, and only grant certain privileges if the user explicitly logged in. For example, for a forum you might let someone post, but not change their account details like email address.

还有其他用于自动登录"cookie 的技术，包括为此类 cookie 提供一个您只允许使用一次的令牌值.这是一篇关于该技术的好文章.

There are other techniques for "autologin" cookies, involving giving such cookies a token value which you only allow to be used once. Here's a good article on that technique.

您还可以查看在签名 cookie 中包含客户端 IP，如果它与呈现 cookie 的 IP 不匹配，您让他们重新登录.这提供了更多保护，但不适用于明显 IP 地址不断变化的人.您可以将其设为可选功能，并为用户提供选择退出的方式.只是一个空闲的想法，我还没有在实践中看到这样做:)

You could also look at including the client IP in a signed cookie, and if it doesn't match the IP presenting the cookie, you get them to log in again. This provides more protection, but won't work for people whose apparent IP address keeps changing. You could make it an optional feature, and give the user a way to opt out. Just an idle thought, I've not seen that done in practice :)

有关解释会话盗窃、劫持和固定的好文章，请参阅 Sessions和 Cookies，它提供了更多可供尝试的技术，例如使用 User-Agent 标头作为附加签名.

For a nice article which explains session theft, hijack and fixation see Sessions and Cookies which offers a few more techniques to try, such as using the User-Agent header as an additional signature.

这篇关于关于签名 cookie 而不是会话的提示的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！