Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Using Cookies and JWTs for Secure Authentication

Well done!

You have completed Using Cookies and JWTs for Secure Authentication!

Sign up for Treehouse Back to Library

Storing and Retrieving Cookies

3:57 with Alena Holligan

We need to tell the redirect to add our cookies to the response. Then we can access the cookies in two ways: we can just see if the cookie exists, or we can read the value of the cookie.

We can just see if the cookie exists

request()->cookies->has('cookie_name');

Or we can read the value of the cookie

request()->cookies->get('cookie_name');

Trouble creating a new account in this app

If you are having trouble creating a new account in the app demonstrated in this course, please make sure you've created the prerequisite course: Introduction to User Authentication in PHP.

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    Now that our redirect function is set to add our cookie with the response header, 0:00
    we're ready to pass our cookies to the redirect. 0:05
    We could either return the cookies to add to our redirect, or 0:08
    we can move the redirect within this function. 0:12
    Since adding the header is part of saving the user data, 0:16
    I'd like to move the redirect into this function. 0:19
    We add a call to the redirect. 0:22
    And then we're going to pass an array of cookies. 0:28
    I'm going to create this new array directly in line. 0:31
    Cookies = a new array of the cookies I have set, 0:36
    [$cookie ID, $cookie rolls]. 0:43
    Next, we'll take a look at the pages where we're calling the save user function. 0:50
    While we're modifying those files anyway, I wanna change our function name. 0:55
    Since we're not going to be saving a session, and I don't wanna confuse this 1:00
    with a PHP session, let's make this a little more generic. 1:04
    We'll name this saveUserData. 1:08
    Great, we save our data on login and on registration, so 1:13
    let's open those procedures. 1:17
    DoLogin, and doRegister. 1:21
    In doLogin, I can remove the redirect, and I can change the name to saveUserData. 1:25
    And then I can close this file. 1:35
    In doRegister, I can remove the redirect and 1:37
    change this name to save user data. 1:42
    I also need to make sure that there's no additional code after 1:47
    the call to our function. 1:51
    Since our function will now be handling the redirect and 1:53
    no additional code would be executed. 1:57
    I can move this flash message above the call to the function. 2:00
    And close this file. 2:07
    To see that our cookies are actually set, 2:10
    let's modify our homepage to read the cookies. 2:12
    We're going to use a var_dump. 2:21
    Cookies are part of the request object that we created in our settings file. 2:26
    We're going to access the cookies in two ways. 2:31
    First, we can just see if a cookie exists. 2:35
    Request- Cookies->has('auth_user_id). 2:37
    Or we can read the value from the cookie, 2:51
    request()- >cookies- >get, and 2:56
    we'll use ('auth_roles'). 3:00
    Let's take a look at what we have built so far by logging in to our system. 3:09
    Before we log in, we can see that the auth user ID returns false. 3:14
    We also see NULL for our off bowls. 3:21
    Now, let's log in. 3:25
    After we log in, we see true and the role ID of one. 3:33
    We haven't added any way to remove the cookie. 3:39
    So even when we log out- The cookie is still set. 3:41
    Before we're ready to use cookies for 3:51
    authentication, let's explore a few more settings. 3:54

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up