Can't Login If Cookies Are Disabled

szfjozsef · September 24, 2012, 2:40pm

I’ve been searching for it but I don’t find a clear answer.

The problem:

If I disable the cookies in browser, I can’t log in.

The login dialog accepts the username and password but after the page reloads nobody is logged in.

This is what I have in the LoginForm model:




	public function login() {

		$this->_identity = new UserIdentity($this->username, $this->password);

		$this->_identity->authenticate();

		if ($this->_identity->errorCode == UserIdentity::ERROR_NONE) {

			$duration = $this->rememberMe ? 3600*24*30 : 0; // 30 days

			Yii::app()->user->login($this->_identity, $duration);

			return true;

		}

		return false;

	}

Angel_De_La_Noche · September 24, 2012, 2:49pm

Of course you can’t, because session ID is stored in cookie.

The only way to deal with it is to use transparent sid, which is a bad practice.

szfjozsef · September 24, 2012, 3:36pm

Any help would be appreciated…

How to solve this problem without using bad practices?

Angel_De_La_Noche · September 24, 2012, 3:46pm

Yes, there is a good one.

Display a really big banner saying TURN ON THE DAMN COOKIES, YOU MORON!

Even webcrawlers has cookies!

It’s 21th century, after all.

Who care about clues without cookie? Me want cookie! No cookie - no guessing game!

phtamas · September 24, 2012, 5:12pm

+1

HTTP authentication could be used as an alternative but it has its own issues.