How does it work?

  • Resolved Hector

    (@hectorpn)


    6 years, 3 months ago

    Hi,

    I would like to use this plugin but would like to understand better how it works under the hood please?

    I had a quick peek at the code and see it creates a db table. What for? What do you store in it?

    I also noted the code is commented to say something about cross devices, or such. What does that mean? How could a cookie on one device work on other?

    So in short, when the plugin is enabled and a user logs in for the first time, what then? Just extend the session cookie to 365 and that’s all? (that would not explain the db table though)

    Cheers!

Viewing 1 replies (of 1 total)
  • Plugin Author lukeseager

    (@lukeseager)

    Hi there Hector,

    Thanks for getting in touch. Happy to give you some more information about the plugin.

    The table in the database allows the plugin to keep track of who’s logged in efficiently. The data in there includes user id, user-agent info, IP address and a timestamp. This data is used in 2 ways, the first is in the wp-admin plugin settings, where you will see the anonymous data displayed about how many users are logged in, and how many different devices are logged in. The plugin will show you how many administrators, editors, subscribers etc. are being kept logged in by the plugin.

    In the future, I want to allow the option of having a ‘manage my logins’ page on the front-end of websites, so that your users can manage all of their sessions across different devices. Eg. if they were logged in on their phone and then lost it, they could log-out of their phone from their laptop.

    This leads nicely onto your question about cross device support. You’re right, a cookie on one device can’t work on another. The plugin keeps track of multiple logins for the same user. You can test this out by logging into your account on your laptop/pc then also logging in on your phone. You should then see ‘1 user logged in across 2 devices’ on the settings page.

    So, all in all, a user logs in, they get the usual WordPress cookies, and they also get some cookies from this plugin. Those cookies hold encrypted data which includes user id, user-agent info and a key to check against the db record to ensure we’re keeping the right user logged in. We also store timestamp and IP, which I’m hoping to make use of in the near future with a ‘manage my logins’ front-end page.

    I hope that helps to clear things up?

    Thanks,
    Luke

    • This reply was modified 6 years, 3 months ago by lukeseager.
Viewing 1 replies (of 1 total)
  • The topic ‘How does it work?’ is closed to new replies.