Myth:Auth |
Ahh, that was much easier than I expected. I was trying to use myth/auth/login, not realizing it was already routed.
Thanks!
It is also the first place to check if you are new to Codeigntier 4 and want to learn from real world examples: validation, multilingual, error reporting in forms etc. Infact it answerers many posts in forum in self explaining way.
Been waiting for this, thanks Lonnie!
First of all a huge thank you to Lonnie for his fantastic work and sacrifice for the community and for the realization of Myth:Auth !!!
I apologize if maybe I'm not writing in the right place, but I would have a doubt about the session management. I would like that if the user closes the browser he loses access to the portal (it's a reserved portal) and at the next access he must authenticate himself; I would like that if, instead, he presses "remember me", then a cookie is kept and the user can come back the next day without logging in. Currently on CI3 I use the CommunityAuth library and it works in this way. I've been trying since yesterday with Myth:Auth, but it seems to me that the login is always remembered (even if you don't check the option); it expires only when the time set in App\Config sessionExpiration passes. In the same way, I tried to set sessionExpiration to 30 seconds, login with "remember me", close the browser, reopen it after 1 minute. And the session was not remembered. Currently in CI4 I left the default FileHandler Driver set as sessionDriver (while on CI3 I save sessions in the database).. But I don't think this can change anything. I tried to take a look at the source, but I gave up: as little as I understand, I can't find any obvious errors. Has anyone had a chance to experience this behavior yet? Do you have any suggestions? Thank you all in advance!
You need to set session expire to 0 then it will delete the session on web browser exit.
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
(04-21-2020, 03:29 AM)InsiteFX Wrote: You need to set session expire to 0 then it will delete the session on web browser exit. Thanks for your answer. I have already tried this way: it works fine if I do not want "remember me". But it does not work like I expect when I use "remember me" in Myth:Auth.. When I close browser and reopen it, the user must sign in again. I tried two computers, both Chrome and Firefox... I doubted if it could be something browser-related as well. Sessions have driven me crazy in the past, when I tried to handle them on my own.
You might be able to try using a __deconstruct in your BaseController and
destroy the users session. What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
(04-24-2020, 08:06 AM)InsiteFX Wrote: You might be able to try using a __deconstruct in your BaseController and Thank you @InsiteFX for your new reply. But forgive me if I don't think what you've pointed out might be a solution... Why should I destroy the session in the __deconstruct? I think it is correct to set $sessionExpiration=0 in Config\App (this way if the browser is closed the session will be deleted, so the user is no longer logged in when the browser is opened again); the only problem is that there is something wrong with "remember me" option. I analyzed a bit the source of Myth:Auth (even if I'm a bit incapable). There is a rememberUser function inside AuthenticationBase that is called when the user checks the "remember me" box; it saves a record in the DB (this works fine!); then it should save a "remember" cookie via HTTP Responses. But it seems that this cookie is not saved...! I see the ci_session cookie, but not the "remember". For this reason the check function inside LocalAuthenticator fails, not finding the "remember" cookie set. I tried to set a cookie through a normal set_cookie (by calling the CI helper); if I do it inside Myth:Auth cookie is not saved; if I do it inside my Dashboard controller (which extends BaseController, in the namespace App\Controllers), I see the cookie save itself. What I would like to understand is if it's possible that there is a small bug in saving this cookie, or maybe it's due to an error of mine in integrating the library in my project (even if everything else works perfectly) or to a configuration of mine. I don't want to be rude to continue on this thread; if you think it's better to open a new one please tell me ;-) Thank you for your patience.
Did you set the Remember me in the auth config file to true?
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
(04-25-2020, 08:21 AM)InsiteFX Wrote: Did you set the Remember me in the auth config file to true? Yes, of course! I set $allowRemembering = true in /vendor/mythauth/src/Config/Auth.php...I am sure the setting working fine 'cause if I leave it to disabled the checkbox is not displayed. Also, I've done a little debug of library and, as I have sayed before, if I check "remember me" option the function rememberUser inside AuthenticationBase.php is loaded: it write the token inside auth_tokens table of DB, but it seems it does not save the cookie. In Firefox and Chrome developper tools I cannot see it.. And when I close and reopen browser (if I set CI to destroy user session) the function check inside LocalAuthenticator.php look for the cookie "remember", but cannot find it. But, excuse me @InsiteFX, you use myth:auth library and "remember me" option works fine for you? I forgot... A doubt that came to me yesterday. Do I need to fix something within my Config/App cookie settings? I left everything by default... And the session cookie is correctly saved by CodeIgniter; in the same way if I create a cookie from my BaseController in the application namespace, it is created correctly. But isn't it that maybe I need to set something else to make myth:auth save the cookie from its namespace?
Another update.
I was investigate how HTTP Responses should work... And now I am able to let "remember me" to work, adding a Code: $response->send(); It seems strange to me that there might be a little bug in the myth:auth library, that is really good developed... And it seems even stranger to me that no one could have noticed it before me. Anyway, I have opened an issue on GitHub and now I am waiting that contributors give me an answer. |
Welcome Guest, Not a member yet? Register Sign In |