I’ve written my own model to handle authentication but I was just wondering how I would go about implementing a ‘Remember Me’ function?
To log in a user I simply set the following userdata: UserID(int), LoggedIn(bool)
A ‘remember me’ is implemented via cookies.
Your cookie should be of the form ‘RememberMe=userid:[something-confirming-authentication]’
So the difficult part is to get the ‘something-confirming-authentication’. This is best implemented as:
The ‘salt’ is a series of random characters generated against the User and stored alongside it, in the database.
Then, you may confirm that when this exists (you have the data to calculate this hash yourself on the server, so you do so) you mark the user as logged in.
For further security benefit, you may like to encrypt this component of the cookie as well, with AES-256, and decrypt before attempting to check the hash.
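A sketch of the issue-and-verify flow described in the answer above, added here as an example and not code from the original post. The answer's exact hash formula is not shown on the page, so this assumes an HMAC-SHA256 over the user id and the per-user salt, keyed with a server-side secret; `SERVER_KEY`, `USER_SALTS` and the function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: a server-side secret kept outside the database (constructed per process here).
SERVER_KEY = secrets.token_bytes(32)
# Constructed stand-in for the users table: user id -> per-user random salt.
USER_SALTS = {}

def new_salt(user_id):
    """Store a fresh random salt for the user; older cookies stop verifying."""
    USER_SALTS[user_id] = secrets.token_hex(16)
    return USER_SALTS[user_id]

def _token(user_id, salt):
    """Assumed construction: HMAC-SHA256(server key, 'userid:salt')."""
    msg = f"{user_id}:{salt}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_cookie(user_id):
    """Return the RememberMe cookie value in the form 'userid:token'."""
    salt = USER_SALTS.get(user_id) or new_salt(user_id)
    return f"{user_id}:{_token(user_id, salt)}"

def verify_cookie(value):
    """Return the user id if the cookie verifies, otherwise None."""
    uid_text, sep, presented = (value or "").partition(":")
    if not sep or not (uid_text.isascii() and uid_text.isdigit()):
        return None  # malformed cookie: reject without touching the database
    user_id = int(uid_text)
    salt = USER_SALTS.get(user_id)
    if salt is None:
        return None  # unknown user, or remember-me never issued
    expected = _token(user_id, salt)
    # Constant-time comparison so response timing does not leak matching prefixes.
    if not hmac.compare_digest(expected.encode(), presented.encode("utf-8", "replace")):
        return None
    return user_id
```

Calling `new_salt` on logout or password change invalidates every cookie previously issued for that user, because the server recomputes the token from the stored salt.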