Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Libraries & Helpers how to implement remember me using session in CI?
how to implement remember me using session in CI?
  • Offline Paradinight
    Senior Member
  • ****
  • Posts: 446
    Threads: 6
    Joined: Jun 2015
    Reputation: 25
#2
01-18-2018, 12:49 PM

(01-18-2018, 12:39 PM)plonknimbuzz Wrote: version: 3.1.7
my config
PHP Code:
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 0//default never expire 

my login check function
PHP Code:
if($remember != 1)
{
 $this->session->sess_expire_on_close TRUE//idk if this work or not
 $this->session->sess_expiration 7200;
}
$this->session->set_userdata('logged_in'1); //this is the indicator if user logged in or not 

all my page have this script at they constructor
PHP Code:
public function __construct(){
 if($this->session->userdata('logged_in') != 1)
 redirect('login');


i always using that script to implement remember me in codeigniter.

But when i read the docs: https://www.codeigniter.com/user_guide/l...references
i realize that i did wrong implementation.
Because $this->session->sess_expiration is method to change global config session expiration time.
This means, when 1 user not check remember me checkbox. any user that already logged in and checked remember me before, will be logout too in 2 hours later. CMIIW

so i googling the solution again and found 2 way:
1. using cookie https://stackoverflow.com/questions/3984...on-library
Code:
$cookie = array(
   'name'   => 'remember_me_token',
   'value'  => 'Random string',
   'expire' => '1209600',  // Two weeks
   'domain' => '.your_domain.com',
   'path'   => '/'
);

set_cookie($cookie);


since i dont want to use cookie, so i ignore this

2. using session
exactly same as i did before.
but when i read the docs, i know that this will not work


then i read all session doc and i found tempdata : https://www.codeigniter.com/user_guide/l...l#tempdata

so now my script login will be like this:

PHP Code:
$this->session->set_userdata('logged_in'1);
if($remember != 1){
 $this->session->mark_as_temp('logged_in'7200);


what i do:
- set session logged_in = 1 when user and pass match
- if remember me not checked, mark session logged_in as temp that will destory in 7200 sec later



my question: is this the right way to implement remember me using session in CI ?

Read:
https://stackoverflow.com/questions/3128...r-30135526
https://paragonie.com/blog/2015/04/secur...#title.2.1
Reply


Messages In This Thread
RE: how to implement remember me using session in CI? - by Paradinight - 01-18-2018, 12:49 PM



Theme © iAndrew 2016 - Forum software by © MyBB