nojimage/cakephp-remember-me

RememberMe authentication adapter plugin for CakePHP 3

Installs: 2 741

Dependents: 0

Suggesters: 0

Stars: 6

Watchers: 4

Forks: 2

Open Issues: 2

Type:cakephp-plugin

v2.4.1 2019-03-12 08:02 UTC

README

Software License Build Status Codecov Latest Stable Version

This plugin provides an authenticate handler that permanent login by cookie. This plugin use method of issuing a token, instead of set to cookie encrypted username/password.

This library inspired by Barry Jaspan's article "Improved Persistent Login Cookie Best Practice", and Gabriel Birke's libray "https://github.com/gbirke/rememberme".

Installation

You can install this plugin into your CakePHP application using composer.

The recommended way to install composer packages is:

composer require nojimage/cakephp-remember-me

(CakePHP >= 3.6.0) Load the plugin by adding the following statement in your project's src/Application.php:

$this->addPlugin('RememberMe');

(CakePHP <= 3.5.x) Load the plugin by adding the following statement in your project's config/bootstrap.php file:

Plugin::load('RememberMe');

Run migration:

bin/cake migrations migrate -p RememberMe

Usage

In your AppController setup AuthComponent:

public function initialize()
{
    // ... snip

    $this->loadComponent('Auth', [
        'authenticate' => [
            'RememberMe.Cookie' => [
                'userModel' => 'Users',
                'fields' => ['username' => 'email'],
                'inputKey' => 'remember_me',
            ],
            // ... other authenticater config
        ],
        // ... other auth component config
    ]);
    // ... snip
}

RememberMe.CookieAuthenticate options

inputKey

When this key is input by form authentication, it issues a login cookie.

default: 'remember_me'

    'RememberMe.Cookie' => [
        'inputKey' => 'remember_me',
    ],

always

When this option is set to true, a login cookie is always issued after authentication identified.

default: false

    'RememberMe.Cookie' => [
        'always' => true,
    ],

dropExpiredToken

When this option is set to true, drop expired tokens after authentication identified.

default: true

    'RememberMe.Cookie' => [
        'dropExpiredToken' => false,
    ],

cookie

Write option for login cookie.

  • name: cookie name (default: 'rememberMe')
  • expires: cookie expiration (default: '+30 days')
  • secure: secure flag (default: true)
  • httpOnly: http only flag (default: true)
    'RememberMe.Cookie' => [
        'cookie' => [
            'name' => 'rememberMe',
            'expires' => '+30 days',
            'secure' => true,
            'httpOnly' => true,
        ],
    ],

tokenStorageModel

A model used for storing login cookie tokens.

default: 'RememberMe.RememberMeTokens'

    'RememberMe.Cookie' => [
        'tokenStorageModel' => 'YourTokensModel',
    ],

more configuration options see: https://book.cakephp.org/3.0/en/controllers/components/authentication.html#configuring-authentication-handlers