“Remember Me” checkbox extension in Magento

Featured Image

by OeilDeNuit/sxc

Hello everyone! I’ve created a small and simple module that creates “Remember Me” functionality to any Magento website. Its currently in testing phase, so I’d say it’s an alpha release.

Never mind the alpha release (v 0.1.0), if someone is willing to try it and trace possible bugs, I’ll do my best to fix them. :D

Module doesn’t have any admin functionality. Though it can be disabled through admin at any time. There’s a small change on customer/form/login.phtml file (added checkbox with input name set), and besides that, only thing is that this module will save hashed and salted Magento customer’s password hash in a cookie, so it is safe as it can be (if I’m wrong, I’m opened for suggestions).

There’s nothing else to say besides it’s placed on login form for Magento customers. It looks like this:

As far as setting it up goes, you only need to extract attached file over your “app” folder (it won’t overwrite anything, I’ve set it up like this because of the folder structure).

And a small note, It’s been tested on community version 1.4.

And here’s the download link.

And one last thing, I’d like to hear your opinions on this one, as this is fist module that I’ve created and have given it to public.

Cheers!

12
Top

Care to rate this post?

Author

Mladen Lotar

Ex. Inchooer

Mladen worked at Inchoo from 2010 to 2011 in the role of Magento/Zend developer

Other posts from this author

Discussion 12 Comments

Add Comment
  1. Thanks for this help, Mladen. Remember me is a good option and is very much necessary for all websites, as it will make the websites user friendly.
    I would always like to add one to my website…

  2. Thanks for the module – it is a nice one. Why don’t you post it to Magento Connect?

    I would like to suggest that you include language files with the module. The german language file could look like:
    “Remember me”,”Angemeldet bleiben”

    Cheers,
    Simon

  3. Adi

    It’s a nice idea but I think you already know that this practice is also insecure regarding session hijacking. Allow me to suggest these links for a more secure implementation: http://jaspan.com/improved_persistent_login_cookie_best_practice
    http://www.devzone.neoeliteconsulting.com/2010/07/secure-persistent-login-system-with-triple-token-authentication-for-zend-framework/

  4. @Magento Themes – thanks!

    @Simon – it’s not on Magento Connect since its still just basic functionality

    @Adi – I agree that this is fairly unsafe, but only thing I completely agree on article is that changing vital information / making orders should be limited (on next versions it should be implemented).
    I said completely because creation of additional cookies, combined with database still don’t prevent cookie theft, and if someone really wish to login with stolen data, he still can.
    Other than that (my opinion), those are still great articles!

    @Everyone else, first upload was not functional, I’ve uploaded wrong directory, but its fixed now. Thanks!

    Thanks!

  5. DU

    I want make remember me and the check box in line, how to do? thank you.

  6. Thanks for the addition. So far on testing it out everything is running great.

    @DU, you can use Mozilla Firebug and “Inspect the Element” by right-clicking on or near the check box. Find the CSS that positions those elements and then modify them that way. I think you can just take delete the “clear” property and then add a left margin to the little check box.

    -This is all new to me, so may not work as I explained above, but it was successful for me.

    Great post!

  7. amartinez

    Great post!

    By the way, I find some bug (?) restrict to some special combination of computer+SO+bored_customer, at Inchoo/Remember/controllers/Frontend/Customer/AccountController.php #27. I add this “if” statement:

    if (isset($safe_pass)) {
       setcookie('info',$safe_pass,time()-60*60*24*30,'/');
    }
    

    Do you think the patch are correct?

    Regards!

  8. Govind

    I have tried this in 1.4.2.0. But its not working fine. I Have used custom theme. I have changed login.phtml file same as given login.phtml.

    When I run the application, the custom controller not executed.

    Any idea to resolve this issue?

  9. amartinez

    @Govind

    your “remember me” check is showed?

    your controller files are permissions allowed? (try chmod -R app/code/local/Inchoo 775)

    luck!

  10. Govind

    Hi amartinez,

    Thank you so much for your information. Its working fine.

  11. Gorky

    This module becomes a large resources eating monster when dealing with large amount of customers. Loading model for every customer in db for EVERY visit = disaster.

  12. rory

    i uploaded this into a 1.5.1.0 magento with custom theme and it dosnt show up

    i tried the rights as govinds post

    but still no check

    https://www.consolehardware.com

    i also reloaded cache
    please need help its a nice addon

Add Your Comment

Please wrap all source codes with [code][/code] tags.
Top