I am implementing stay login functionality using codeingiter 3
Steps:
1. If user signin's successfully , checking the remember me checkbox.
2. Then i am setting 2 cookies for that user.
3. $cookie 1: is 128 length random string ,(series)
4. $cookie 2: is the hash of (email,password,ip,useragent). (token)
5. Now i am storing the series , hash(token) in a table <user_cookie>.
<user_cookies>
user_id(fk) series(128 varchar) token(200 varchar)
Now my doubt is how should validate autologin, when user visits my webpage next time?
$rand128_hex = bin2hex(openssl_random_pseudo_bytes(16));
$cookie1 = array(
'name' => 'series',
'value' => $rand128_hex,
'expire' => '86400'
);
$cookie2 = array(
'name' => 'remb_token',
'value' => hash_hmac('bcrypt',PEPPER_KEY,$remb_token,FALSE),
'expire' => '86400'
);
$this->input->set_cookie($cookie1);
$this->input->set_cookie($cookie2);