[Catalyst] Re: Persistent login

[Jonathan Rockway]

On Tuesday 15 May 2007 06:19:02 pm Evaldas Imbrasas wrote:
> > I do not know what you mean "lasts longer then a session"  -- http is
> > stateless,  if you want state (such as logged in and authorized) you need
> > some sort of session (cookie, uri, hiddenform,...).
>
> I am already using standard Catalyst plugins that handle sessions and
> authentication. I set sessions to expire after 1 hour of inactivity.
> What I'm looking for is the ability to auto-login users when they come
> back after, say, 1 week, when their previous session is long expired.

Use the session plugin and set the session expiration to ... 1 week.  If some 
data needs to expire sooner than that ... expire it sooner than that.

Here's what I would do.  Create a session and log the user in.  Store a "last 
login" time in the user_class.  If the last_login (or last_activity; 
whatever) is too long ago, delete data from the session and start over.

Another thing you could do is to set a cookie with the user's login name, and 
use that to pre-fill the username box on the login page, etc.

Am I missing something here?

-- 
package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
$,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;