Cake PHP 3.5 Auth remember me


#1

Helllo!

I use https://book.cakephp.org/3.0/en/controllers/components/authentication.html Auth component. How can I add to this remember me option?

Thanks!


#2

When you only want to “remember” the username, you could set a cookie for that. Though I would’t recommend to set the password in that cookie also (for security reasons, obviously…)

If you want to get the user automatically logged in, whenever he/she visits your site, I’m currently not aware of any (secure) variant to achieve this…

Hope this helps


#3

I also don’t think that remembering user/pwd in a cookie is very safe. People should leave this to client side solutions, like a password manager. The alternative is using SSO. You could even have people log in using Facebook. Not my personal preference, but it can be done. :slight_smile:


#4

The new Authentication plugin includes functionality for this. It’s just an extra authenticator you can enable in the middleware. The password is encrypted in the cookie. Up to you to decide whether that’s an acceptable level of risk for your application.