I thought this would be so straight forward but it does not seem to be. I want to give users the option when they login to check a checkbox that will leave them logged in but I can not seem to figure out how. On top of that I am trying to figure out if it matter what session store I am using. Right now I am using active record but I am looking to move over to memcache. Does it depend on session store? I would really appreciate any input I can get on this subject! -- John Kopanas john-Iau1QiYlxLpBDgjK7y7TUQ@public.gmane.org Blog: http://www.kopanas.com Conference: http://www.cusec.net Twits: http://www.twitter.com/kopanas --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On 4 Nov 2008, at 14:53, John Kopanas wrote:> I thought this would be so straight forward but it does not seem to > be. > > I want to give users the option when they login to check a checkbox > that will leave them logged in but I can not seem to figure out how. > > On top of that I am trying to figure out if it matter what session > store I am using. Right now I am using active record but I am > looking to move over to memcache. Does it depend on session store?It doesn''t (since the whole point is that you want something that will outlast the session). Typically one stores a cookie with some sort of token. Restful authentication does this, you could have a look at the code in there. Fred> > I would really appreciate any input I can get on this subject! > > -- > John Kopanas > john-Iau1QiYlxLpBDgjK7y7TUQ@public.gmane.org > > Blog: http://www.kopanas.com > Conference: http://www.cusec.net > Twits: http://www.twitter.com/kopanas > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
> I want to give users the option when they login to check a checkbox that > will leave them logged in but I can not seem to figure out how.One note on this: Be aware that by doing this you are leaving your users more exposed to click-jacking attacks. I, personally, hate when this option is presented as an opt-out. It''s fine to present the option, but I recommend making it opt-in not opt-out. I also use an external password manager and never use the built-in autofill features provided by most modern browsers (I am using 1Password on my Mac for this, which I highly recommend to any Mac users out there). I enter my 1Password into a popup dialog, and not the actual username and password of the actual site, protecting me from any click-jacking attacks. John Kopanas wrote:> I thought this would be so straight forward but it does not seem to be. > I want to give users the option when they login to check a checkbox that > will leave them logged in but I can not seem to figure out how.-- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---