Remember Me Expiration


Can anyone offer a way of extending the duration of the cookie for the 'Remember Me' on the login page beyond 2 weeks?


View Replies: View Best Answer
twellsadmin replied on at Permalink Best Answer Reply
Thanks to Concrete5 support for the answer...

How to:
1. copy the file <web root>/concrete/models/user.php to <web root>/models/user.php -- concrete5 will now use this file instead of the default one, so changes you make here will not bother the file c5 normally uses, and you still have the original.*

2. open your copy of user.php and go to line 240, in the function setUserForeverCookie. The number in there - 1209600 - is the time in seconds for the cookie to expire. You can change that to whatever integer you want. You can also go to google and type "eight fortnights in seconds" and get an answer.

So when that's set to what you want it to be you can save it and you will stay logged in longer.

*If you recently upgraded to the file you want will be in <webroot>/updates/concrete5.4.1.1/concrete/models/
When an upgrade to the core becomes available, you'll probably want to rename your models/user.php to something like, models/user.php.mine so it doesn't conflict and you will want to do the same thing with the file from your /updates folder.
jonghdesign replied on at Permalink Reply
Great! Does this already effect people who have checked remain logged in already? Or is it only starting when a new session is made for the user? Thank you!
simoneast replied on at Permalink Reply
Does anyone know a way to do the same thing in Concrete 5.7? The expiry time seems to be set in /concrete/src/User/User.php in setAuthTypeCookie() but I'm not sure yet how best to override that.
simoneast replied on at Permalink Reply
OK, I discovered a solution which appears to work for me in 5.7, although note that it extends the *default* session time, not just when checking the box to extend the session. It also potentially reduces security a bit by relaxing a lot of the restrictions.

Posted here: