[eluser]WanWizard[/eluser]
That's how sessions work. Sessions are used to maintain (or create the illusion of) state in a stateless environment.
Sessions work automatic and in the background, there is nothing you should do about it. The session library will make sure there is always a session available.
Normally the flow is:
Code:
// a variable to store form data
$data = array();
// load the user model
$this->load->model( 'user_model' );
// do we have a user_credential in the session
if ( $this->session->userdata('user_credential' )
{
// restore the user session
$this->user_model->restore_loggedin_state();
}
// do we still have a user_credential in the session?
// the model could have detected a failure and logged us out!
if ( $this->session->userdata('user_credential' )
{
// load the logout form
$data['login_panel'] = $this->load->view('logout', TRUE);
}
else
{
// load the login form
$data['login_panel'] = $this->load->view('login', TRUE);
}
// load the page view
$this->load->view('page', $data);
In an application you would probably want to split the processing, and do the checking and the prepwork in a MY_Controller extension, so it happens automatically for every page request. Your user_model could then contain methods like is_logged_in(), on which you can base actions in your controllers.
If you want to log this user out, all you have to do is to delete the "user_credential" variable from the session. The user will be logged out at the next page request (and you can help him with that by redirecting after the logout).