You are here

Home » API reference » Persistent Login 7

README.txt in Persistent Login 7

Same filename and directory in other branches
  1. 5 README.txt
  2. 6 README.txt
Persistent Login module for Drupal
==================================

The Persistent Login module provides the familiar "Remember Me" option in the
user login form.


## Description

The module's settings allow the administrator to:

- Control how long user logins are remembered.
- Control how many different persistent logins are remembered per user.
- Control which pages a remembered user can or cannot access without explicitly
  logging in with a username and password (e.g. you cannot edit your account or
  change your password with just a persistent login).

Each user's 'My account' view tab gives them option of explicitly clearing all
of his/her remembered logins.

Persistent Login is independent of the PHP session settings and is more secure
(and user-friendly) than simply setting a long PHP session lifetime. For a
detailed discussion of the design and security of Persistent Login, see
[Improved Persistent Login Cookie Best Practice](http://www.jaspan.com/improved_persistent_login_cookie_best_practice).


## Installation

1. Add Persistent Login files to your modules directory, and enable the module.

2. For maximum security, edit your settings.php file so PHP session cookies have
   a lifetime of the browser session:

   `ini_set('session.cookie_lifetime', 0);`

3. Visit admin >> settings >> persistent_login to set how long persistent
   sessions should last and which pages users cannot access without a
   password-based login.

4. If using a reverse-proxy cache (e.g. Varnish), the configuration must be
   updated to not respond from the cache for requests that send a persistent
   login cookie.

File

README.txt
View source 
  1. Persistent Login module for Drupal

  2. ==================================

  3. 

  4. The Persistent Login module provides the familiar "Remember Me" option in the

  5. user login form.

  6. 

  7. 

  8. ## Description

  9. 

  10. The module's settings allow the administrator to:

  11. 

  12. - Control how long user logins are remembered.

  13. - Control how many different persistent logins are remembered per user.

  14. - Control which pages a remembered user can or cannot access without explicitly

  15.   logging in with a username and password (e.g. you cannot edit your account or

  16.   change your password with just a persistent login).

  17. 

  18. Each user's 'My account' view tab gives them option of explicitly clearing all

  19. of his/her remembered logins.

  20. 

  21. Persistent Login is independent of the PHP session settings and is more secure

  22. (and user-friendly) than simply setting a long PHP session lifetime. For a

  23. detailed discussion of the design and security of Persistent Login, see

  24. [Improved Persistent Login Cookie Best Practice](http://www.jaspan.com/improved_persistent_login_cookie_best_practice).

  25. 

  26. 

  27. ## Installation

  28. 

  29. 1. Add Persistent Login files to your modules directory, and enable the module.

  30. 

  31. 2. For maximum security, edit your settings.php file so PHP session cookies have

  32.    a lifetime of the browser session:

  33. 

  34.    `ini_set('session.cookie_lifetime', 0);`

  35. 

  36. 3. Visit admin >> settings >> persistent_login to set how long persistent

  37.    sessions should last and which pages users cannot access without a

  38.    password-based login.

  39. 

  40. 4. If using a reverse-proxy cache (e.g. Varnish), the configuration must be

  41.    updated to not respond from the cache for requests that send a persistent

  42.    login cookie.