Reputation: 17900
CakePHP session timeout problem
I have a problem with my authentication in CakePHP. Whatever I try, Cake will either tell me I'm de-authenticated after each request, either I'm still authenticated, even though I closed the browser before.
I'll explain in a few words how my authenticating system works. The user logs in, with either remember me checkbox checked or not. If it's checked, I will create a cookie so as the user is auto-logged in the next time he visits the site. Basically, when the user closes his browser, I need to delete all the session cookies Cake stores in the browser. This way, when the user comes back, he sees the login page if he didn't want to be remembered, or is automatically logged in from the remember me cookie if he chose to store it.
The problem is I played with both Session.timeout and Security.level from core.php, with no positive results. If I put the timeout to 0, Cake will de-auth me after each request and I'm not able to view any page so. If I put any other value for timeout, the user might close the browser and when he re-opens it, he could be still logged in, as the Cake session didn't expire.
In conclusion, how can I automatically delete the session cookie whenever the browser is closed?
Upvotes: 1
Views: 7806
Answers (1)
Reputation: 1613
Take a look at this article maybe can helps you, I use something similar for other purpose.
see: ini_set('session.cookie_lifetime', 0);
Upvotes: 3
Related Questions
- cakephp session timeout not working
- Session timeout not working in Cakephp 2
- Auth timeout problems with CakePHP
- CakePHP Session Timeout on Inactivity only
- CakePHP - session timeout
- Session expires frequently in CakePHP
- Session timeout doesn't work + cakephp
- CakePHP session/auth logging out intermittently
- Session timing out too soon with CakePHP 2.0
- CakePHP Session Expires Even When Browser is Active