Cookie token authentication login method

Question

There is a method that is using cookies to login users and i don\'t know it\'s name. It\'s setting a unique token to the cookie each time a user logs in. The token is visible an

Answer 1

You now procedure pretty well. Name doesn't matter much.

I think you are speaking about: Remember-Me Authentication

Answer 2

I have seen it referred to as Token Based Authentication. It's a relatively broad term that can apply for other methods than a pure cookie verification, but the principle is the same.

Answer 3

I think you might be looking for something like OAuth. OAuth has become a sort of "standard" when it comes to token based authentication.

Here's some literature: http://tools.ietf.org/html/rfc5849

I found section 2.3. Token Credentials particularly similar to what you were talking about...

The response contains the following REQUIRED parameters:

oauth_token

    The token identifier.

oauth_token_secret

    The token shared-secret.

For example:

HTTP/1.1 200 OK
Content-Type: application/x-www-form-urlencoded
oauth_token=j49ddk933skd9dks&oauth_token_secret=ll399dj47dskfjdk

It's also important to note that through my understanding, token based authentication is only more secure if all requests are being made through an SSL connection. If not, 3rd parties can grab and imitate the tokens. So yeah, hope this is what you're looking for.