diff options
author | Evan Prodromou <evan@controlezvous.ca> | 2008-06-23 22:52:34 -0400 |
---|---|---|
committer | Evan Prodromou <evan@controlezvous.ca> | 2008-06-23 22:52:34 -0400 |
commit | be3a44651c47a27907e682a8e4c9e5dd9352a1f6 (patch) | |
tree | 040c86ea5030ed65dae6ac807fff12d8da0fdf94 /config.php.sample | |
parent | 5df185a5ed0040964dc53585c5187ac5004a7834 (diff) |
implement rememberme functionality
Added a checkbox on login or register to remember the current user. If
the login is successful, this sets a cookie with a random code (saved
in the DB). If they come back, and they aren't logged in "normally",
we check to see if they have a rememberme cookie. If so, we log them
in.
However, they can't change settings -- cookie theft is too prevalent.
So we mark a session as having a "real" (password or OpenID) login, or
not. In settings pages, we check to see if the login is "real", and if
not, we redirect to the login page.
darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
Diffstat (limited to 'config.php.sample')
0 files changed, 0 insertions, 0 deletions