I had looked into the SimpleAuth driver, but I need something a little bit more advanced than what the driver provides. No matter what I try, I can not get the session to persist. When a user logs in and does NOT choose remember me, the default config from fuel/core/classes/session.php should be used (3 hour expiration time, session end on browser close). If they DO choose remember me, the expiration time should be set to one week and the session should not end on browser close. If I check the box and close the browser and return to the site, it shows I am logged out even though the cookie is still there. HELP!
What "advanced" stuff do you need? To be honest, I only see some very complicated stuff in this controller that Simpleauth does out of the box.
You also have to be very careful with changing the session settings at runtime. The problem you probably have is that the session is loaded with default expiration values. So as soon as you start your browser, the session starts, reads the cookie, and expires it immediately.
To implement remember-me functionality, it's better to create a second session, using cookie based sessions, with a long expiration, and store the user_id in it. Using that id, you can call Auth::force_login() to log that user in again if you detect the default session doesn't give you a logged-in user.
I don't know how many extra columns I'll have on the user table, so I feel like it's far more efficient to have additional columns for each additional field I need rather than storing them all in a single column. Also, I am performing certain actions (forgot password mainly) that are a bit complicated with SimpleAuth unless the user is logged in.
You might want to switch to Ormauth in 1.6. It uses an EAV container for user meta data, so you can add an unlimited amount of additional fields. In SimpleAuth, you're supposed to put them in profile_fields, which is a serialized array, useful but less handy if you need to search on values.
There are further additions on the roadmap for auth, including "reset password" and "remember me" functionality, and additional login drivers.
Awesome!! I'll give it a shot and let you know! I thought I heard mention that you guys are phasing out ORM in 2.x though, so will I lose ORMAuth if I eventually upgrade??
Donate
