PDA

View Full Version : Using Cookies to authenticate returning users.



Vitani
04-24-2013, 10:51 AM
Hi,

I'm in the middle of building up a site where users can submit text and stories (kind of like a library of sorts), and I wanted to user cookies to authenticate users who make return visits.

The main reason was for a remember me function, the user logs in and a cookie is set which keeps them in for the next 30 days.

So far I've managed to get the cookie set (with a unique code to identify each user), but I can't get it to authenticate any user.


Basically, when a user attempts to log in, it checks the username and password against a database, takes the password and hashs it, adds a salt and then stores that as an AuthCode in the database under a seperate table.

At the same time it takes the AuthCode and gives it to the cookie, which the user gets.


Any time after this initial login (for up to 30 days) its supposed to check the cookie value against the value in the db and if it matches, pull the correct info for the user and log them in.

But it just continually treats them as a guest.
I can code my way around that issue but after that I can't get it to identify a empty or non-set cookie as guest, it just gives the last username in the useraccounts table.

I can post full code examples if you need them.