View Full Version : Remember Me!

19 Mar 2014, 5:57 AM
Hate having to log in each time you restart your browser? The session lives for the browser session so if you close the browser, you are effectively logged out.

I pushed an update last night for something else for internal use but a change that was already queued up got to tag along for the ride and that is the ability for remember me. So now when you reopen the browser, you should still be logged in. Win!

But I wanted to give some more details on how it works. I've seen some sites save my username and even a hashed password which isn't very secure. md5 a password isn't enough to protect it. The way I'm doing it is I create a secure hash (which isn't based on username or password) and that is what is saved in the cookie. On the backend, I match that hash with the forum account. Further more, a hash only lives for one usage. So if you refresh the browser the app will send a check to see if a user is logged in and of course the cookie goes along for the ride. It will then die and a new one is created.

So enjoy never logging in again! Well, unless you uncheck the checkbox or have cookies disabled or go to a new computer or a new browser or open private mode on your browser. :)

19 Mar 2014, 5:54 PM