CodeIgniter Forums
FreakAuth login question - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forum-21.html)
+--- Thread: FreakAuth login question (/thread-11608.html)



FreakAuth login question - El Forum - 09-16-2008

[eluser]sito[/eluser]
Hi,

I have just started using CI v1.6.3 and FreakAuth_light 1.1 for one of my projects. However, I noticed a "strange" thing while playing around with FA_light. It seems that after I have logged in, if I exit the browser and restart the browser, I will stay logged in?

My question is: although FA_light stores sessions in a MySQL table, is this the intended behaviour? If so, isn't this a bit of a security risk? By the way, I am using Firefox for this test.

My follow-on question is, short of having to ask the user to manually clear out personal history when he closes the browser, how can I stop this from happening? Does shortening of the expiry time in config.php help? Or are there other possibilities?

Appreciate any help you guys can offer!

Cheers.