getgrav / grav-plugin-login

Grav Login Plugin
http://getgrav.org
MIT License

initialize session false + login plugin -> RuntimeException (403) #266

Open Japhys opened 3 years ago

Japhys commented 3 years ago

I only want a session cookie whenever a guest is logging in and no cookies for anonymous guests. So I disabled initialize session. I was under the impression login would initialize a session anyway, but something went wrong. See attachment. Happens both in 1.6 and 1.7. Clean browser, no cache. Am I wrong? Is this not going to work with login plugin?

OnPaste 20201011-215513

rhukster commented 3 years ago

Login does require the session to be enabled at all times. The disabled session option is really only intended for use cases where there is no login at all.

Japhys commented 3 years ago

Thanks for clearing that up, and so fast :)

I was experimenting with Varnish and it would make it a lot easier to cache for anonymous users, hence the question.

mahagr commented 3 years ago

The above code fails on rememberme, which requires the session to be stored. If you disable it, you may get a step forward.

Japhys commented 3 years ago

That was my initial thought as well, however it didn't solve the problem. Plugin still didn't work when initialize session was disabled.

mahagr commented 3 years ago

I just tested this out. Remember me does seem to think that you stole the cookie.

The main issue here is that there is no way to figure out if the user has been logged in if you don't open the session. So the only way to fix this is to destroy the session if the user hasn't been logged in, though I don't know if it will still send the cookie.
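
The trade-off discussed in this thread, sketched as an added example in plain PHP (not part of the thread, and not Grav or Login plugin code): the session is opened only when the request already carries a session cookie, and a session with no logged-in user is destroyed and its cookie expired. Assumptions: the function names and the `$_SESSION['user']` key are hypothetical, and PHP 7.3 or later is used for the array form of `setcookie()`.

```php
<?php
declare(strict_types=1);

/**
 * Resume a session only if the browser sent a session cookie.
 * Returns true when that session belongs to a logged-in user.
 */
function resume_session_if_present(): bool
{
    $name = session_name();
    if (!isset($_COOKIE[$name])) {
        // Anonymous visitor without a cookie: session_start() is never
        // called, so no session Set-Cookie header is queued.
        return false;
    }

    session_start();
    if (!empty($_SESSION['user'])) {   // hypothetical "logged in" marker
        return true;
    }

    // Cookie present but no logged-in user: remove the server-side
    // session and tell the browser to forget the cookie.
    $_SESSION = [];
    $params = session_get_cookie_params();
    session_destroy();
    setcookie($name, '', [
        'expires'  => time() - 3600,
        'path'     => $params['path'],
        'domain'   => $params['domain'],
        'secure'   => $params['secure'],
        'httponly' => $params['httponly'],
    ]);
    return false;
}

/** Call only after the credentials have been verified. */
function start_login_session(string $username): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);   // fresh ID at the privilege change
    $_SESSION['user'] = $username;
}

$loggedIn = resume_session_if_present();
echo $loggedIn ? 'Hello ' . htmlspecialchars($_SESSION['user']) : 'Hello guest';
```

The response that expires a stale cookie still carries a `Set-Cookie` header, so only requests that arrive with no session cookie at all are free of one.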