I'd like my app to preserve a "state" for each user for 24-hours, even if 
s/he 
- logs out and back in
- switches browsers
- switches IP (i.e., uses a different device)
What would be the best way to do this? 

I'm already using the session object to preserve state in the app. So I was 
thinking that when the user first logs in I could save the auth.user_id, 
datetime and session id in a db table. Then whenever the user visits the 
site again (or logs in if s/he has logged out) I can 
(a) check for a row in that table with the current user's id, 
(b) check that it's datetime wasn't more than 24-hours ago, and 
(c) if not, then set the current session cookie to point to the old session 
file on the server (i.e., the old session id)

If this sounds like a reasonable way to go, how would I trigger this when a 
session cookie is being created?

Thanks,

Ian

-- 



Reply via email to