Remember me not working,

[tonyhk]

i have tested many time for this when i login with remember me,
after i close the browser, and reopen the browser, it will logout all sessions.

[haseydesign]

This currently seems to be working fine for me in Chrome and FF.

So you can test yourself, I have 'temporarily' changed the live demo so that the config setting 'logout_user_onclose' = FALSE.

To test, do the following:
1: Login with 'Remember Me' checked @ http://haseydesign.com/flexi-auth/auth.
2: Check your login status @ http://haseydesign.com/flexi-auth/auth_lite/privilege_examples (You should be logged in)
3: Close your browser completely - not just the tab.
4: Reopen the browser @ http://haseydesign.com/flexi-auth/auth_lite/privilege_examples
5: You should be still logged in via 'Remember Me'

The important setting you have to ensure are set is the $config['security']['logout_user_onclose'] = FALSE; within the flexi auth config file.
The other important setting is $config['sess_expire_on_close'] = FALSE; within the CI config file.

[tonyhk]

i had followed the settings, you provided but it still not work.
now i am guessing is my session settings problem

$config['sess_cookie_name'] = 'xxx_session';
$config['sess_expiration'] = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'xxx_session';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;

because i add some diagnostic in libraries\flexi_auth_lite.php
when i logged in with remember me,
and i reopen the browser it show
validate_database_login_session
validate_database_login_session

it seems CI will resume the session_id in database, so $this->is_logged_in() will be always ture

please help if it is my problem or others ,thanks
########################################################
// Validate login credentials on every page load if set via config file.
if ($this->is_logged_in() && $this->CI->auth->auth_security['validate_login_onload'] && !isset($this->CI->flexi_auth_lite_model->auth_verified))
{
echo "validate_database_login_session";
$this->CI->flexi_auth_lite_model->validate_database_login_session();
}
// Auto log in the user if they have 'Remember me' cookies.
else if (!$this->is_logged_in() && get_cookie($this->CI->auth->cookie_name['user_id']) &&
get_cookie($this->CI->auth->cookie_name['remember_series']) && get_cookie($this->CI->auth->cookie_name['remember_token']))
{
echo "login_remembered_user";
$this->CI->load->model('flexi_auth_model');
$this->CI->flexi_auth_model->login_remembered_user();
}

[tonyhk]

i found the problem is in flexi_auth_lite is_logged_in()
it will be always true when you login and reopen completely closed browser
and i check the CI_sessions, the session stored in database is contain user_identifier
could you suggest the correct settings,thanks

PS. i already used the updated library from github

[haseydesign]

I'm not sure I'm understanding your situation properly.
If you are saying that the settings for the current live demo @ http://haseydesign.com/flexi-auth/auth are working for you, then here are the flexi-auth config settings as currently used on the site:

$config['security']['validate_login_onload'] = TRUE;
$config['security']['login_session_expire'] = 60_60_3;
$config['security']['extend_login_session'] = TRUE;
$config['security']['logout_user_onclose'] = FALSE;
$config['security']['unset_password_status_onclose'] = TRUE;
$config['security']['user_cookie_expire'] = 60_60_24*14;
$config['security']['extend_cookies_on_login'] = TRUE;

[tonyhk]

it seems to be CI ,CI Session problem, could you tell me your demo is using which version of CI ,thanks

it looks like the CI not destroy the session after the browser , when the browser reopen it use the not destroy session and resume , so $this->is_logged_in() $this->CI->auth->session_data[$this->CI->auth->session_name['user_identifier']]; will be true.

also i had sent the testing lab to your mail, could you help? thanks

[haseydesign]

Hey Tony, the version of CI I'm using is 2.1.3.

Regarding the zip file you sent me, I'm sorry, but I have 5 other projects that I am currently working on and I don't have the free time to setup your installation and debug the problem you're having.

If you have specific questions or input to give regarding the library, I will try and help out when I get the time.

[tschiemer]

Hej, ran into the same problem, not completely analyzed it yet, but in my case it could be traced to the flexi_auth_lite library being loaded right before the flexi_auth library, the remember-me check would succeed the first time and fail the second time and as consequence remove any session and db cookies and thereby unwanted logouts.

In the log it would appear as follows (after tweaking the library..):

DEBUG - 2013-12-12 20:28:27 --> Controller Class Initialized
DEBUG - 2013-12-12 20:28:27 --> Initialiazing Flexi_auth_lite library
DEBUG - 2013-12-12 20:28:27 --> Model Class Initialized
DEBUG - 2013-12-12 20:28:27 --> Session Class Initialized
DEBUG - 2013-12-12 20:28:27 --> Helper loaded: string_helper
DEBUG - 2013-12-12 20:28:27 --> A session cookie was not found.
DEBUG - 2013-12-12 20:28:27 --> Session routines successfully run
DEBUG - 2013-12-12 20:28:27 --> Helper loaded: cookie_helper
DEBUG - 2013-12-12 20:28:27 --> Config file loaded: application/config/flexi_auth.php
DEBUG - 2013-12-12 20:28:27 --> Language file loaded: language/english/flexi_auth_lang.php
ERROR - 2013-12-12 20:28:27 --> Flexi_auth_lite: remember me user exists
ERROR - 2013-12-12 20:28:27 --> Flexi_auth_lite: Set user login sessions SUCCESS
ERROR - 2013-12-12 20:28:27 --> Flexi_auth_lite: Extend 'Remember me' SUCCESS
DEBUG - 2013-12-12 20:28:27 --> Initialiazing Flexi_auth library
DEBUG - 2013-12-12 20:28:27 --> Initialiazing Flexi_auth_lite library
ERROR - 2013-12-12 20:28:27 --> Flexi_auth_lite: remember me user does NOT exist

Note the relevant function being: flexi_auth_model::login_remembered_user()

A dirty fix in my case: in library/Flexi_auth.php, line 36 edit

// Load the flexi auth Lite library to allow it to be extended.
load_class('Flexi_auth_lite', 'libraries', FALSE); // <--- original
require_once APPPATH . 'libraries/Flexi_auth_lite.php'; // replacement

A "fix" to come, when time comes..

But essentially the same effect would occur when intentionally loading the lite library first, and then loading the full library.

[dansanti]

Hi, i noticed that also when i make click in another tab causes to be loged out inmediatamente, also when i lost windows focus,( especially on ajax call when i'm away)