Shulou(Shulou.com)06/03 Report--

This article will explain in detail how to realize the automatic login function of the website next time. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

I'll tell you how a famous extension sfGuard in the symfony of the open source php framework does to implement the next automatic login function of the website, which may provide you with some ideas.

The realization method of the next automatic login function of the website

First, your database needs a rememberkey table: it contains the following three fields:

User_id,remember_key (string (32), unique), ip_address, and of course there are two time fields created_at and updated_at that are almost necessary, not to mention.

If the user checks rememberme when logging in

So generate a remember_key with a random value of md5, such as timestamp+rand (09999999). Because random variations are still large, it is almost impossible for remember_key to produce duplicate key.

Then store a copy of the key in the client cookie and a copy in the database. The storage time of the cookie is the length of time you remember the password, and the ip should be recorded in the database.

If the user clicks to exit, when deleting the session, the remember_key in the cookie and the corresponding key in the database are also deleted. Of course, in order to prevent more and more junk data, you can also delete all the expired key by the way.

If the user visits the page next time but the session has expired, then check whether there is a remember_key cookie. If so, take this value and the accessed ip to the database to find a record. If found, then the user corresponding to the user_id of this record is automatically logged in.

Of course, you can make some changes, such as ip is not necessarily necessary, because the domestic user ip will always change.

How to realize the function of automatically logging into the website

For logging in directly with a user name and password, you do not need to fill in the CAPTCHA and mobile verification website. We usually have the following ways to automatically log in to the website.

Send a http request to log in directly.

The point is to keep the cookie information, record the cookie returned on the first visit, and send it with the next request.

Establish an application program and use plug-ins such as webbrowser to embed web pages to achieve automatic login.

Automatic login is realized through user action simulation.

Need CAPTCHA login, then we need to write our own CAPTCHA identification program, or access the third-party coding platform to achieve automatic login.

This is the end of the article on "how to achieve the next automatic login function of the website". I hope the above content can be of some help to you, so that you can learn more knowledge. If you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.