You would have to implement some sort of a cookie hash for the user to be checked against when they come back to the site for the remember me. But not when you do this you also need to make sure that they have to type in their password to change any personal data as someone could just come login to the site when the remember me is checked and take over the users account with out ever knowing the password.
The way i've done this in the past is when the user log-ins and has remember me checked i just create a hash and a has_expires entries in my database and put the hash in a cookie. When the users comes back to the site in my bootstrap I check for the existance of the cookie and if it exists then I associate their user_id with their session. But if they go to try and change or view any of their user info they are prompted with a password so I can verify that it's them.
I normally kept the hash for two weeks so they could be logged in for up to two weeks at time.
Jon
Christoph@vonaffenfels.de wrote:
Hi Sina,
have a look at the Zend_Auth method:
Zend_Auth setStorage (Zend_Auth_Storage_Interface $storage)
You can choose between the following storage adapters:
- Interface to implement your very own storage adapter
- NonPersistent to re-populate the authentication for each request
- Session the mainly used storage for authentication
Enjoy ZF :)
Greetings,
Christoph
Am 25.11.2009 19:00, schrieb sina miandashti:hi zf community im sina from iran i completely use zend_auth for login my users in my app but i dont know how to implement the Remember me with zend_auth plz help
-- ------------------------------------------------------------ Christoph Rust Senior Software Developer von Affenfels GmbH Kronenstraße 40 D-70174 Stuttgart Telefon +49 (0) 711 305 890-36 Telefax +49 (0) 711 305 890-90 http://www.vonaffenfels.de | christoph.rust@vonaffenfels.de Sitz der Gesellschaft: Stuttgart Handelsregister Stuttgart HRB 728101 Geschäftsführer: Christian Jehle, Jürgen Knispel
没有评论:
发表评论