that's obviously the best practice to kill a cookie @see http://stackoverflow.com/a/686166/1114320
| public static deleteCookie ( string $user_id = null ) | ||
| $user_id | string | |
public static function initialize()
{
if (self::$initialized) {
return;
}
self::$initialized = true;
try {
// Initialize local session
Session::init();
if (!empty($_GET['logout'])) {
self::destroy();
Session::init();
}
if (!Session::userIsLoggedIn() && Request::cookie('remember_me')) {
if (!LoginModel::loginWithCookie(Request::cookie('remember_me'))) {
LoginModel::deleteCookie();
}
}
$currentUrl = $_SERVER['REQUEST_URI'];
$end = strpos($currentUrl, '?');
if ($end === false) {
$end = strpos($currentUrl, '#');
}
if ($end !== false) {
$currentUrl = substr($currentUrl, 0, $end);
}
// Initialize Facebook session
/*self::$facebookSession = new FacebookSessionWrapper(
Tools::getBaseUrl() . $currentUrl,
Tools::getBaseUrl() . '/logout/'
);*/
} catch (\Exception $ex) {
}
}
public function loginWithCookie()
{
$success = LoginModel::loginWithCookie(Request::cookie('remember_me'));
if ($success) {
Redirect::to('dashboard/index');
} else {
LoginModel::deleteCookie();
Redirect::to('login/index');
}
}
/**
* Login with cookie
*/
public function loginWithCookie()
{
// run the loginWithCookie() method in the login-model, put the result in $login_successful (true or false)
$login_successful = LoginModel::loginWithCookie(Request::cookie('remember_me'));
// if login successful, redirect to dashboard/index ...
if ($login_successful) {
Redirect::to('dashboard/index');
} else {
// if not, delete cookie (outdated? attack?) and route user to login form to prevent infinite login loops
LoginModel::deleteCookie();
Redirect::to('login/index');
}
}
