keeping session alive after browser closed, possible?


S

soni2926

hi,
i'm working on a site, which has a session created after a user
logins, each page checks to make sure the session is there onload
otherwise redirects to the login page. now the clients are asking us
to make a remember me feature, is there any way to do this with the
existing session set up? or do i need to rework it, as remember me
from what i was planning was going to drop a cookie, so do i need
change all those session checks to cookie checks or anyway to have
remember me work with sessions instead? as they want it so if they
close the pc for the night or just the browser and come back later or
the next day login should not be required if they directly hit the
homepage.

Thanks.
 
Ad

Advertisements

H

Hans Kesting

(e-mail address removed) formulated on donderdag :
hi,
i'm working on a site, which has a session created after a user
logins, each page checks to make sure the session is there onload
otherwise redirects to the login page. now the clients are asking us
to make a remember me feature, is there any way to do this with the
existing session set up? or do i need to rework it, as remember me
from what i was planning was going to drop a cookie, so do i need
change all those session checks to cookie checks or anyway to have
remember me work with sessions instead? as they want it so if they
close the pc for the night or just the browser and come back later or
the next day login should not be required if they directly hit the
homepage.

Thanks.

The session itself doesn't close immediately when the browser is closed
(the server doesn't know that that browser closed). But as the browser
closes, it forgets it's session-cookie, so it can't go "back" to that
session.

What you will need to do is have a permanent cookie (that is: with
expiry date) stored on the client. When a "guest user" (that is: not
logged in) hits your homepage, check that cookie. If it contains a
valid "token" (you can decide what that is), then log that identified
user in automatically.

If the user explicitly logs out, remove that cookie by overwriting it
with an empty one.

Hans Kesting
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top