+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: persistent login (/showthread.php?tid=64845)
persistent login - rakibtg - 04-02-2016
How would you implement a persistent login in CI3?
No need to write code, please give me some pseudo ideas, would help me a lot :-)
I wanted to write a library that simple handle the persistent login issue. I dont want to use any third party auth system.
Thanks for your time and have a great day!
RE: persistent login - InsiteFX - 04-02-2016
Save a hashed cookie on the users system and check for it on login, if they have the cookie do a auto login method.
RE: persistent login - cartalot - 04-03-2016
one compromise that amazon does that i think is graceful. lets say you shop at amazon and put some stuff in the cart, but do not complete the purchase
then you come back two weeks later on the same computer and web browser. Amazon does not ask you to immediately log-in again - they read your cookie - and let you continue with your shopping session. BUT when it comes time to actually place the order - possibly with a credit card that is already on file with them - you have to log in (again).
RE: persistent login - keulu - 04-04-2016
like insiteFX,
after a login, with option "remember me ?" write a cookie.
next time :
if you don't have cookie -> normal login
if you have cookie -> autologin
after a manual log out, remove the cookie...
RE: persistent login - kilishan - 04-04-2016
First off, realize that Remember Me functionality is very easy to hack if not implemented very carefully. Which is one good reason not to implement your own. However, even if you were to use someone else's you'd need to know what to look for to ensure it was secure, anyway. This article provides a pretty good look at what can go wrong and how to implement a pretty secure version of it.