HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.

Multiple Logins

edited February 2009 in Vanilla 1.0 Help
Mark, while you're mucking about with the user system and making it extension based or whatever you're doing, can you put a user option that allows them to decide whether or not they want to be able to login more than once? At the moment if i login at home and then login at work it logs me out at home which is perfectly acceptable for security but since i dont care much it does get a little irritating. It'd be nice if there was an admin and/or user switch for this so the more security conscious could leave it as is and people like me who use more than one pc but dont let it get abused by someone else could stay logged in in both places?

Comments

  • I second that notion. I've got 3 login computers and I'm lazy.
  • MarkMark Vanilla Staff
    edited October 2005
    For the record, it invalidates cookies when you log in on a different machine (or browser) for security reasons. Vanilla constantly changes your cookie values when you log in or are revalidated by cookie values - and even if someone managed to see them, the idea is that they'd be invalidated by the time that person gets to them. The user authentication part has already been written for the next revision,and it will allow you to replace my authentication module with a completely different kind - so you can set up your authentication in whatever way you want - as secure or insecure as you want. I expect that we will see a huge influx of various methods that people like to use for user authentication and "remember me" functionality. I honestly can't wait to see what people come up with.
  • lechlech Chicagoland
    /me tips his hat to mark.
  • Hey guys, I was just wondering how far away we were from laxer security/"remember me" modules? Is this implemented in 0.9.3.x? It's a feature that a lot of my userbase (250 and growing!) is begging for, as lots of us log in from several PCs throughout the day (like home and work), and are used to forums like phpBB that can "remember me" across several PCs... Thanks!
  • MarkMark Vanilla Staff
    Version 1 will allow you to stay logged in from different machines. I've already changed this for the dev version.
  • Awesome. Thanks again for making such a cool message board system, btw. My user base loves it! -Andy ( www.story-games.com/forums )
  • Version 1 will allow you to stay logged in from different machines. I've already changed this for the dev version.
    Bliss!
  • +1 vote from /me
  • You idot, you don't need to vote for it, it's already happening!
  • I'd love to disable registration on my WP page, and instead link to my Vanilla registration page. Then, when someone registers on Vanilla, it copies over the username/passsword to WP as well.
  • MarkMark Vanilla Staff
    http://lussumo.com/swell/42/Data-Objects--External-Application-Integration/
  • Hi! Thanks for a great forum! My v1 installation keeps asking me to login twice, from several computers and with both IE and Firefox. The first time I press login the page seems to reload, the form clears, and I retype my username and password. Then I get logged in (I get the "to the threads or categories" page every time). Any advice on how to fix this? Thanks Thomas
  • You can't "fix" it that easily. As far as I know, the database stores one verification key. Once you wanna log in from another computer, the key gets updated thus making the old cookie invalid.
  • Hmm I may be posting in the wrong thread. My problem is that on the very same pc, I have to login twice to gain access to vanilla.
  • What if you don't want multiple logins? If it was enabled in 1 - how do you turn it back off?
Sign In or Register to comment.