codeigniter4 · kenjis · Jun 8, 2022 · Jun 6, 2022 · MGatner · Jun 6, 2022
diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php
@@ -495,9 +495,12 @@ private function checkRememberMe(): bool
 
     private function getRememberMeToken(): ?string
     {
-        helper('cookie');
+        /** @var IncomingRequest $request */
+        $request = service('request');
 
-        return get_cookie('remember');
+        $cookieName = setting('Cookie.prefix') . setting('Auth.sessionConfig')['rememberCookieName'];
+
+        return $request->getCookie($cookieName);
     }
 
     /**
@@ -627,8 +630,16 @@ private function issueRememberMeToken(): void
             // Reset so it doesn't mess up future calls.
             $this->shouldRemember = false;
         } elseif ($this->getRememberMeToken()) {
+            /** @var Response $response */
+            $response = service('response');
+
             // Remove incoming remember-me token
-            delete_cookie(setting('Auth.sessionConfig')['rememberCookieName']);
+            $response->deleteCookie(
+                setting('Auth.sessionConfig')['rememberCookieName'],
+                setting('Cookie.domain'),
+                setting('Cookie.path'),
+                setting('Cookie.prefix')
+            );
 
             // @TODO delete the token record.
         }

diff --git a/tests/Authentication/Authenticators/SessionAuthenticatorTest.php b/tests/Authentication/Authenticators/SessionAuthenticatorTest.php
@@ -65,6 +65,9 @@ public function testLoggedInTrue(): void
     public function testLoggedInWithRememberCookie(): void
     {
         unset($_SESSION['user']);
+        // Set Cookie.prefix
+        $cookiePrefix = 'prefix_';
+        setting('Cookie.prefix', $cookiePrefix);
 
         $this->user->createEmailIdentity(['email' => 'foo@example.com', 'password' => 'secret']);
 
@@ -77,15 +80,19 @@ public function testLoggedInWithRememberCookie(): void
         $rememberModel->rememberUser($this->user, $selector, hash('sha256', $validator), $expires);
 
         // Set Cookie value for remember-me.
-        $token               = $selector . ':' . $validator;
-        $_COOKIE['remember'] = $token;
+        $token                = $selector . ':' . $validator;
+        $cookieName           = $cookiePrefix . setting('Auth.sessionConfig')['rememberCookieName'];
+        $_COOKIE[$cookieName] = $token;
 
         $this->assertTrue($this->auth->loggedIn());
 
         $authUser = $this->auth->getUser();
 
         $this->assertInstanceOf(User::class, $authUser);
         $this->assertSame($this->user->id, $authUser->id);
+
+        // Forget Cookie.prefix
+        setting()->forget('Cookie.prefix');
     }
 
     public function testLoginNoRemember(): void