gbirke
commented
12 years ago You are absolutely right. The login function should have no credential parameter because that parameter can't be known when logging in. Instead, the credential should be read from the cookie. I'll have to change that in the future.
ghost
// If we can present the correct tokens from the cookie, we are logged in if($rememberMe->login($username)) {
Why it must provide $username, instead of filling blank, because rememberMe class find from Cookie.
I'm sorry about lang.
Thank you