token - Laravel "remember

token - Laravel "remember_token" -

- September 15, 2015

is safe use remember_token in users table authenticating user application?

what purpose of token? currently, i'm using in forms check whether user logged in - if token not present, show login screen. each time user logs out, token regenerated.

no it's not supposed used authenticate, it's used framework against "remember me" cookie hijacking. value refreshed on login , logout, if cookie hijacked malicous person, logging out making hijacked cookie useless since doesn't match anymore.

http://laravel.com/docs/upgrade#upgrade-4.1.26

Search This Blog

GHI

token - Laravel "remember_token" -

Comments

Post a Comment

Popular posts from this blog

How to access named pipes using JavaScript in Firefox add-on? -

multithreading - OPAL (Open Phone Abstraction Library) Transport not terminated when reattaching thread? -

node.js - req param returns an empty array -