-
Notifications
You must be signed in to change notification settings - Fork 231
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
isRemembered( ) always returns false #277
Comments
The remember_me Cookie is not part of the Session. You've to close your browser in order to get remembered. Or at least delete the current Session. |
This is the intended behavior. Maybe the documentation needs to be improved, though.
No, this is actually a wrong understanding of its purpose. But, again, it may be the docs’ fault. A method for a scenario like this would perhaps be called
Yes, this is actually the intended purpose and behavior. Please note that this is different from what you described before. The use case is actually the following: You want to know whether the user just authenticated directly, with their credentials present, or whether they authenticated a longer time ago and were just logged in implicitly via their “remember me” cookie. In the former case, you have stronger authentication. In the latter, you may want to re-authenticate. Your other use case, i.e. determining whether the user wants to be remembered (later), could be implemented by simply checking for the presence of the “remember me” cookie. Does that help? |
I'm new to PHP-Auth but love it--it's been so easy to integrate and the documentation is great! Thanks for all your work.
In my testing, I call login() with the third $rememberDuration parameter. I can see this is successful by inspecting the database and cookies. isLoggedIn() also returns true.
However isRemembered() consistently returns false after logging in and I'm not sure why. From my understanding of the docs and source, this call should return true if the relevant session variable isset. Or, in other words, it should return true when the user checks the Remember Me box and is subsequently logged in by virtue of being remembered through the presence and value of the remember_xxx cookie.
Notably this:
var_dump((bool) $_SESSION['auth_remembered']);
consistently returns false (I confirm the array key exists and it isset).
Not sure if this is a question or a documentation enhancement request!
The text was updated successfully, but these errors were encountered: