Welcome Guest, Not a member yet? Register   Sign In
FreakAuth login question


I have just started using CI v1.6.3 and FreakAuth_light 1.1 for one of my projects. However, I noticed a "strange" thing while playing around with FA_light. It seems that after I have logged in, if I exit the browser and restart the browser, I will stay logged in?

My question is: although FA_light stores sessions in a MySQL table, is this the intended behaviour? If so, isn't this a bit of a security risk? By the way, I am using Firefox for this test.

My follow-on question is, short of having to ask the user to manually clear out personal history when he closes the browser, how can I stop this from happening? Does shortening of the expiry time in config.php help? Or are there other possibilities?

Appreciate any help you guys can offer!


Theme © iAndrew 2016 - Forum software by © MyBB