View Single Post
  #3 (permalink)  
Old November 2nd, 2013, 04:15 PM
drayarms drayarms is offline
Authorized User
Points: 182, Level: 3
Points: 182, Level: 3 Points: 182, Level: 3 Points: 182, Level: 3
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: May 2013
Posts: 40
Thanks: 0
Thanked 0 Times in 0 Posts
Default

My solution to the authentication problem is this: I completely get rid of PHP sessions. Instead, I use PHP to check the database and confirm that the username, password combo matches. If they do, then I establish a strophe connection and register the user's specific details such as username, unique member Id, email etc, as javascript variables. I make them namespace objects so that I can use them througout the application. Upon connection fail or if the user voluntarily logs out, I return these variables to null. What do you guys think?