[Catalyst] Re: Persistent login
mla
maurice.aubrey at gmail.com
Wed May 16 00:07:28 GMT 2007
Wade.Stuart at fallon.com wrote:
> "Evaldas Imbrasas" <evaldas at imbrasas.com> wrote on 05/15/2007 05:45:11 PM:
>
>> Persistent login is the one that lasts longer than a session. When a
>> user logs in, she gets an option to be remembered for a given period
>> of time. If this user comes back within that period of time, she is
>> auto-logged in. A good example for this is mail.yahoo.com.
>
> I do not know what you mean "lasts longer then a session" -- http is
> stateless, if you want state (such as logged in and authorized) you need
> some sort of session (cookie, uri, hiddenform,...).
>
> http://search.cpan.org/~mramberg/Catalyst-Plugin-Session-0.14
> /lib/Catalyst/Plugin/Session.pm
I think the OP means an auto login facility where you have a persistent
cookie. On session initialization, if the persistent cookie is present,
you automatically authenticate the user. Usually the cookie value is
a hard to guess string (SHA1 or MD5 hash) so it becomes a password
equivalent. That value is looked up in the db (or wherever) to map it
back to the original user id it was assigned to.
Maurice
More information about the Catalyst
mailing list