• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Need some guidance cookies

#1
I have a question about setting token for cookies.

When the user checks the remember me it will insert the user id and identifier and token to my auto login table

But the token should that be stored in a session?

I can set the cookie data fine but now it just trying to make the checks work so when user has clicked remember me it will auto log them in.

I am just new to creating a remember me with id and tokens.

http://pastebin.com/JmRk6d3M


PHP Code:
<?php

defined
('BASEPATH') OR exit('No direct script access allowed');

class 
Welcome extends CI_Controller {

    public function 
index()
    {
        
$this->load->library('encryption');
        
$this->load->helper('url');

        
$user_id '1';

        
$identifier crypt($user_id,'$6$5,j$2.$');

        
$token "$2y$10$".bin2hex(openssl_random_pseudo_bytes(22));

        
$timeout time() + 60 60 24 7;

        
$remember $this->input->post('remember');

        if (isset(
$remember)) {

            
$data = array(
                
'user_id' => $user_id,
                
'token' => $token,
            );

            
//$this->session->set_userdata($data);

            /*    
                If the user checks the remember me checkbox then insert 
                the identifier and token to database
            */

            
$cookie = array(
     
           'name'   => 'remember',
     
           'value'  => "$identifier:$token",
     
           'expire' => $timeout,
     
           'domain' => '.localhost',
     
           'prefix' => '',
     
           'secure' => FALSE
                
'httponly' => TRUE,
     
       );

     
       $this->input->set_cookie($cookie);

 
       }

        
$this->load->view('welcome_message');
    }

There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!
Reply

#2
If the remember me token passes and you get the users login data just set the session logged_in = true

You have logged the user in so that should be all you need to do.

In your Auth Library:

PHP Code:
    /**
     * logged_in ()
     * --------------------------------------------------------------------
     *
     * Check to see if a user is logged in
     *
     * Look in the session and return the 'logged_in' part
     *
     * @return  bool
     */
    
public function logged_in()
    {
        return (
$this->_ci->session->userdata('logged_in') == true) ? true false;
    } 
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#3
(07-22-2016, 04:20 AM)InsiteFX Wrote: If the remember me token passes and you get the users login data just set the session logged_in = true

You have logged the user in so that should be all you need to do.

In your Auth Library:

PHP Code:
    /**
     * logged_in ()
     * --------------------------------------------------------------------
     *
     * Check to see if a user is logged in
     *
     * Look in the session and return the 'logged_in' part
     *
     * @return  bool
     */
    
public function logged_in()
    {
        return (
$this->_ci->session->userdata('logged_in') == true) ? true false;
    } 

Thanks will have a go over week end.
There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.