rockinaway Posted November 25, 2011 Share Posted November 25, 2011 Okay, at the moment, when a user logs into my website a token is created. The token is made from a random code, their name and their email. This token is then stored next to their name in the DB. If the user chooses to be remembered, the token is stored as a cookie, otherwise it's stored as a session var. Every time a page is loaded, a comparison is made between the DB token and the session/cookie token to authenticate. HOWEVER, this does not work if the user decides to login from different locations/ip addresses. How would I go about allowing this? Could I created a table and then store the IP address and the token for that IP address? Quote Link to comment https://forums.phpfreaks.com/topic/251810-user-authentication/ Share on other sites More sharing options...
alexpja Posted November 26, 2011 Share Posted November 26, 2011 I would recommend doing what you suggested, except having a username column so it can *somehow* verify it's that user, unless the token will verify it. That should work, good luck Quote Link to comment https://forums.phpfreaks.com/topic/251810-user-authentication/#findComment-1291259 Share on other sites More sharing options...
rockinaway Posted November 26, 2011 Author Share Posted November 26, 2011 Okay yeah, sounds good. I will use the user id instead. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/251810-user-authentication/#findComment-1291291 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.