FreakAuth login question - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21) +--- Thread: FreakAuth login question (/showthread.php?tid=11608) |
FreakAuth login question - El Forum - 09-16-2008 [eluser]sito[/eluser] Hi, I have just started using CI v1.6.3 and FreakAuth_light 1.1 for one of my projects. However, I noticed a "strange" thing while playing around with FA_light. It seems that after I have logged in, if I exit the browser and restart the browser, I will stay logged in? My question is: although FA_light stores sessions in a MySQL table, is this the intended behaviour? If so, isn't this a bit of a security risk? By the way, I am using Firefox for this test. My follow-on question is, short of having to ask the user to manually clear out personal history when he closes the browser, how can I stop this from happening? Does shortening of the expiry time in config.php help? Or are there other possibilities? Appreciate any help you guys can offer! Cheers. |