Persistent login cookie based user authentication
#1

[eluser]Ravi Raj[/eluser]
When a user successfully logs in by entering a login name and password, a login cookie is generated by combining the username and two randomly generated values ('series' and 'token'). The three parts are stored in the login_cookies database table. When the user returns, if their session has timed out, we parse their login cookie and look for the (user, series, token) triplet in the database. If present, we log them in and assign a new random token, which will be used the next time their session times out.
Jaspan's improvement: If an attacker manages to steal a login cookie and use it to log in as the user, when the original user returns, they will present a now-invalid triplet. We can detect this case as their 'series' value will be present in the database but their 'token' value will not. In this case we invalidate *all* login cookies for the user. This will cancel any 'stolen session', preventing the attacker from remaining perpetually logged in as the user.
How to use the API
Include the plugin by using $this->load->library('Persistentpersistentlogincookie');
Read more on Persistent login cookie based user authentication.
http://jaspan.com/improved_persistent_lo...t_practice
http://fishbowl.pastiche.org/2004/01/19/...t_practice
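
The series/token rotation and theft check described in post #1, as an added example that is not part of the original post or of the library it announces. The class name, the user:series:token cookie layout, and storing only a SHA-256 hash of the token are assumptions of this example; an in-memory array stands in for the login_cookies table.

```php
<?php
// Added example: an in-memory array stands in for the login_cookies table.
final class PersistentLoginDemo
{
    /** @var array<string, array<string, string>> user => [series => sha256(token)] */
    private array $rows = [];

    /** Called after a successful password login: start a new series. */
    public function issue(string $user): string
    {
        return $this->store($user, bin2hex(random_bytes(16)));
    }

    /** Called when the session has timed out and a login cookie is presented. */
    public function validate(string $cookie): array
    {
        $parts = explode(':', $cookie);
        if (count($parts) !== 3) {
            return ['status' => 'invalid'];
        }
        [$user, $series, $token] = [rawurldecode($parts[0]), $parts[1], $parts[2]];
        $known = $this->rows[$user][$series] ?? null;
        if ($known === null) {
            return ['status' => 'invalid'];           // unknown series: ignore the cookie
        }
        if (!hash_equals($known, hash('sha256', $token))) {
            unset($this->rows[$user]);                // series known, token not: treat as theft
            return ['status' => 'theft', 'user' => $user];
        }
        // Valid triplet: log the user in and rotate the token within the same series.
        return ['status' => 'ok', 'user' => $user, 'cookie' => $this->store($user, $series)];
    }

    private function store(string $user, string $series): string
    {
        $token = bin2hex(random_bytes(32));
        $this->rows[$user][$series] = hash('sha256', $token);  // assumption: keep only the hash
        return implode(':', [rawurlencode($user), $series, $token]);
    }
}

// Constructed scenario: a copy of the cookie is presented before the original user returns.
$auth   = new PersistentLoginDemo();
$stolen = $auth->issue('alice');
$thief  = $auth->validate($stolen);           // the copy is accepted and the token rotates
$victim = $auth->validate($stolen);           // original user presents the now-stale token
$after  = $auth->validate($thief['cookie']);  // the rotated cookie is checked after the purge
printf("%s %s %s\n", $thief['status'], $victim['status'], $after['status']);
```

On a 'theft' result the application should also end any active session for that user, since deleting the stored cookies only stops future automatic logins.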
#2

[eluser]Unknown[/eluser]
Hi Ravi,

I am also interested in your article. I tried to download your attachment and check it, but I failed. Please guide me on how to download it. I also want to know whether it is compatible with CodeIgniter 2.1.0.

Thanks!!



