-
Notifications
You must be signed in to change notification settings - Fork 11
Remember me not working properly? #43
Comments
Can you post where you actually perform the login action? // For testing purposes, manually set the last parameter to "true"
// and check if the problem persists.
Warden::authenticate($username, $password, true) |
yes I am having it set, but still not working! |
Hmm, very weird. I use this functionality and it works without problems. |
Yes it is set and its weird. Do I need to extend Fuel's session expiration_time (for example to 2 weeks instead of default 2 hours?) in order for this to work? Thanks |
No, you don't need to extend Fuel's default configuration. |
if (Warden::authenticate($val->validated('username'), $val->validated('password'), Input::post('remember', false) ? true : false)) |
UPDATE: here is my complete base controller that calls Warden::check() which should also check for remember_me cookie... somehow this is not working for me. Need to debug more, but no time:
|
OK after some debugging seems like \Cookie::get($this->config['rememberable']['key']) in auto_login() function, which is called at check() returns empty string, even though the cookie is sent. $this->config['rememberable']['key'] returns 'dewesoft.auth.remember_me' |
@PrimozRome what is your |
@dre1080 my config is like this:
Yes I had die() in my previous post about debug... But I have now remove it and still seems like that \Cookie::get($this->config['rememberable']['key']) is returning nothing... Check attached image: |
@PrimozRome No screenshot here... can you upload it again? |
Cookie configuration maybe? |
Try this
|
thanks on the tips, will try it and see what happens! |
@PrimozRome One thing I found here while revising the code. As you stated in #33, your app is based on a user-permission system, right? Did you completely remove the roles? public function auto_login($role = null)
{
if (($token = \Cookie::get($this->config['rememberable']['key']))) {
$user = \Model_User::find_by_remember_token($token);
if ($user) {
if ($this->has_access($role, $user)) {
// Complete the login with the found data
$this->complete_login($user);
// Automatic login was successful
return true;
}
}
}
return false;
} As you can see, it uses the |
No I still use roles, I just removed relations between roles and permissions and instead setup a relation between users and permissions so I have user-based permissions system, instead role-based permissions... That said, the auto_login function is the same as in main repo... I only changed the function where can() and cannot() functionality is verified based on user's permissions. |
@PrimozRome Something new with this issue? |
@andreoav yes I have some news but no conclusions...
Done and I got false
Done and got true
Done and got true again... But then if I just leave the app idle for god knows how much time (I assume as long as fuel session timeout is set), the check returns false... should still remember me right? |
@PrimozRome, @dre1080 might have a more precise answer but I suppose that you must be logged in for the duration you set to the cookie. The fuel session timeout it's only a default option, Warden uses the ttl that is set in your warden config file. I have a big ttl in my app and I didn't have problems so far. |
What is your ttl setting? Mine is 1209600... For my remember_me cookie the expiration date is Thu May 16 14:08:56 2013 so the ttl setting is large enough, but Warden::check() still returns false after while... The problem here is Fuel for some reason doesn't reed my remember_me cookie. It's there but \Cookie::get('dewesoft.auth.remember_me') returns null. Check this screenshot where you can see sent cookies, my test controller code and output... It reads other cookies but doesn't want to read remember_me cookie. I am completely out of idea here! |
Well would you believe it!!! I finally found out the problem... it's a problem in remember me cookie name. I have used dots in my remember me cookie name 'dewesoft.auth.remember_me'. Renaming this cookie into something that doesn't include dots worked! Then I Googled and find out this article stating that PHP cookies are not allowed to use dots in cookie names: http://harrybailey.com/2009/04/dots-arent-allowed-in-php-cookie-names/. Whoooot? |
Nice, I did not think it could be the name of the problem. |
Ahh, glad to see the issue was solved |
I am having problem with remember me functionality... i have turned it one:
'rememberable' => array(
'in_use' => true,
'key' => 'warden_remember_me_token',
'ttl' => 1209600,
),
but it keeps signing me out ...
The text was updated successfully, but these errors were encountered: