• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.2 remember_key

#1
In the table user_authenticate there is a column called remember key, what is it used for? I'm guessing its for the "keep me logged in" option, but I'm not entirely sure.
 

Jeremy

Well-known member
#3
The cookie that is set after a user selects Remember Me contains the following information:
user_id,remember_key

The key is used to authenticate a user via this method and prevent spoofing of the login. If it was just user_id, anyone could say, login as me just by setting the cookie to include my ID.