0

I have read about authentication in Lithium manual, still I have some questions about it. After Auth::check ('default', $this->request), it will return an array of user data if succeed. I have finished this part according to the manual.

  1. if I want to save some of this array into session (not all of them), how to do it?
  2. Are those data in session encrypted? If not, how could I manipulate it, I want to encrypt it for security concern.

Thanks.

Tom
  • 4,612
  • 4
  • 32
  • 43

1 Answers1

1

This should give you something to go on regarding encrypting session data - http://nitschinger.at/Session-Encryption-with-Lithium.

As far as telling Auth::check() which fields to save to the session:

Auth::config(array(
   'default' => array(
       'session' => array(
           'persist' => array('username', 'email')
        )
    )
));

This is in the latest master, and there is more explanation at the top of security\Auth.php.

Chris
  • 398
  • 1
  • 5
  • 10