开发者

Super Simple CodeIgniter Auth with 'remember me'

My website has no user registration (members are pulled through from an offline db) and the area that you can login to doesn't hold very sensitive information.

So I want a basic login with a remember me function.

• After checking input against the DB, I plan to store their user_id, name, email in a session.

• For the remember me, I'd开发者_如何学C store a cookie with value = user_id:randomcode. The random code is generated at login and stored in a field on their user record.

Is this secure enough? or how could it be improved without getting too complex.


You should use the user_id:randomcode only once and generate a new one when the old is used. Read Persistent Login Cookie Best Practice.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜