Commit Graph

4 Commits

Author SHA1 Message Date
rzig
1ba6381d61 security: Enable support for secure cookies (#6868)
* Enable secure cookies for authentication

Enables secure cookies for authentication when HTTPS is used.

* Add line with example secure session cookies

* Fix comment line that's too long

* Remove session secure cookie config

* Added secure cookie config to init.php

Commented out because having this enabled will prevent the server from sending cookies over HTTPS.

* Enable secure cookies if config value provided

* Make code formatting consistent

* Remove secure cookie config

* Use $config['secure_cookies'] to set cookies

* Add default option to turn secure cookies on

* Fix formatting issues

* Set secure cookies to default to false

* Add info about secure cookies

* Fix formatting

* Remove trailing whitespace

* move secure cookie default config to defaults.inc.php

* Remove trailing whitespace

* Fix formatting

* Remove empty line by rrd config

* Remove whitespace
2017-06-26 14:21:21 +01:00
Tony Murray
4d0c75343e fix: Two-Factor Authentication (#6672)
* fix: Two-Factor Auth
Moved library to a class to take advantage of namespacing and auto loading.
Update the two factor code to use the AuthenticationException for error messages.
Fix remember me to work with 2fa.

* missing change
2017-05-18 22:08:10 +01:00
Tony Murray
155d9de8dc fix: two-factor auth and restore some auth speed regressions (#6649) 2017-05-15 23:13:07 -05:00
Tony Murray
683a10e723 fix: Improve authentication load time and security (#6615)
* fix: minimize session open time
page/graphs speedup part 2

Write close the session as soon as we no longer need to write to it. Prevents the session from blocking other requests.
Do not run through full authentication functions if the session is already authenticated.
Removes password from the session as well as some items to prevent session fixation from #4608.

WARNING: This will cause issues for ad/ldap users who do not have a bind user configured!

* Do not erase username when using cookie auth.
Properly close the session in ajax_setresolution.php

* write close the session as soon as possible in ajax_setresolution.php

* Remove session regeneration. It is not compatible with the current code and would require more changes.

* Totally refactor authentication.  Extract code to functions for re-use and improved readability

* Use exceptions for authentication and error logging
Tested: mysql, ad_auth with and without bind user

* fix a couple scrutinizer issues

* fix reauthenticate in radius
2017-05-15 22:18:23 -05:00