I am trying to implement a "Remember me" feature using CakePHP.
Actually, I'm using CakePHP Auth as the authentication method.
Can we save the password in cookies?
Which one is the better way?
2 Answers
3
NEVER EVER save passwords in cookies, even if they are encrypted.
The strategy to follow is something like this:
Create a new field in your users table to store a token.
After the user logs in, you check if they clicked "remember me".
If they want to be remembered, then you generate a random hash as a token and save it to the database and the cookie (this is much better than saving the actual password).
Now, the next time they want to log in, the first thing to do is to check if your login cookie exists. If it does, then you compare that cookie to the value you have in your database; if they coincide, then you log in the user and immediately afterwards you generate a new token. The new token will be saved in the database and in the cookie.
Guillermo Mansilla
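
The token strategy from the answer above, as an added example in plain PHP (not code from the answer and not CakePHP's own API). Assumptions: an array stands in for the users table, the new field is named `remember_token`, the cookie value has the form `<id>:<token>`, and only a SHA-256 of the token is stored server-side, which goes one step beyond what the answer describes.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the users table; 'remember_token' is the new field.
$users = [42 => ['username' => 'alice', 'remember_token' => null]];

// Issue a fresh token: raw value goes to the cookie, only its SHA-256 is stored.
function issueToken(array &$users, int $userId): string
{
    $token = bin2hex(random_bytes(32));          // 256 bits from the CSPRNG
    $users[$userId]['remember_token'] = hash('sha256', $token);
    return $userId . ':' . $token;               // cookie value "<id>:<token>"
}

// Validate a cookie value. On success returns [userId, newCookieValue] with the
// token already rotated; on any failure returns null.
function loginFromCookie(array &$users, string $cookie): ?array
{
    $parts = explode(':', $cookie, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0])) {
        return null;                             // malformed cookie
    }
    [$id, $token] = [(int) $parts[0], $parts[1]];
    $stored = $users[$id]['remember_token'] ?? null;
    // hash_equals compares in constant time
    if ($stored === null || !hash_equals($stored, hash('sha256', $token))) {
        return null;                             // unknown user, no token, or mismatch
    }
    return [$id, issueToken($users, $id)];       // rotate immediately after login
}

$cookie = issueToken($users, 42);                // user ticked "remember me"
$first  = loginFromCookie($users, $cookie);      // next visit: accepted, rotated
$replay = loginFromCookie($users, $cookie);      // old value again: rejected
$forged = loginFromCookie($users, '42:' . str_repeat('0', 64));

var_dump($first !== null, $replay === null, $forged === null);

// Sending the rotated value (cookie name and 14-day lifetime are assumptions):
// setcookie('remember', $first[1], ['expires' => time() + 1209600,
//     'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);
```

Because the token is rotated on every cookie login, a copied cookie stops working as soon as the legitimate value has been used once, and a database leak exposes only hashes of tokens rather than values that can be replayed.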