Level 75
You could store the items in a table that you set up just for that, and next login retrieve that user and the items and put back into a session.
Just a suggestion.
Mar 24, 2021
5
Level 1
Fortify authentication keep session data after login
Hello,
After logging in through Fortify (I'm using Fortify on my own, not with Livewire), the Session ID resets. I know that's for security and that's fine. But I have a shopping cart system and of course I want the user to keep the shopping cart also after logging in.
Currently the shopping carts store a session_id in the table. It is however an option for me to do it the other way around, store a shopping cart id in the session. However, I will need that specific session data to stay after login and I'd prefer to also keep it after logout.
Can anyone help me with this? Maybe it's an idea to allow global session key exceptions for the regenerations.
I looked at the way to customize the authentication pipeline for Fortify, I however don't think it can be added there...
It would also be an option for me to bind the user_id to the shopping cart in the table, I however wouldn't know where to add that either, because I need that to be done at a point where the session is still available, and the user is known and the password is known valid.
I hope someone has a good idea.
Regards, Bas
Level 1
That’s not the issue. I already store the cart in a table and bind it to user and session id, it works for a logged in user, it also works when that user logs in on another pc, it also works for guest / not logged in users.
However, as soon as a guest adds items to the cart, and then logs in or registers, the session id resets, and the logged in user ends up with an empty cart...
Level 75
You may need a login before continuing to shop. Maybe a friendly popup message, to log in before continuing to shop. Just a suggestion.
Level 1
I don't want that either, that scares away potential customers...
Level 1
I found it out, the session ID regenerates on login, the session itself stays in tact.
So I just changed it so the cart ID is stored in the session instead of storing the session ID in the cart. Now it stays on logon. It doesn't stay on logout because logout destroys the session, but that doesn't matter to me that much.
Please or to participate in this conversation.