Opened 4 years ago
Last modified 16 months ago
#1268 new Defect
Pull out session code to own table so "remember me" will work on multiple sessions.
| Reported by: | cash | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | Elgg 1.9.0 |
| Component: | Core | Version: | 1.6 |
| Severity: | minor | Keywords: | |
| Cc: | marcus, brettp, | Difficulty: | moderate |
Description
The implementation of the elggperm cookie trashes sessions preventing people from logging in from more than one computer/browser. This is a general annoyance when using multiple browsers or computers and using the site only with a browser. Once you start using the REST api with user sessions this is unworkable. For example, a tweetdeck like app and a browser will continually log the other out.
The use of the code for non-cookie sessions seems unnecessary. Also the code could be broken out into its own table so that a user can have more than one code.
Change History (7)
comment:1 Changed 3 years ago by cash
- Priority changed from major to minor
comment:2 Changed 3 years ago by brettp
- Milestone changed from Elgg 1.7 to Elgg 1.8
comment:3 Changed 3 years ago by brettp
- Difficulty set to moderate
comment:4 Changed 3 years ago by brettp
- Summary changed from Session issues due to elggperm cookie to Pull out session code to own table so "remember me" will work on multiple sessions.
comment:5 Changed 2 years ago by ewinslow
- Milestone changed from Elgg 1.8 to Elgg 1.8.1
comment:6 Changed 16 months ago by cash
- Milestone changed from Elgg 1.8.x to Elgg 1.8.5
comment:7 Changed 16 months ago by cash
- Milestone changed from Elgg 1.8.5 to Elgg 1.9.0
Note: See
TracTickets for help on using
tickets.
The session trashing has been fixed. Users are still limited to a single remember me cookie.