Right now the session data for anonymous (non-authenticated) users of my web application is not moved/assigned to the user once they log in or register.
For example: An anonymous user interacts with the application, creates some session data (say products in a shopping cart), then logs in/registers and then logs out, the session data is still accessible and is not moved/made inaccessible to the now unauthenticated user.
I am using file session driver (no database), perhaps someone could provide some example of what needs to be changed (I presume in Session config) in order to make any session data created by an anonymous user be assigned to and only accessible by this user after they authenticate by logging in or registering and only while the user is authenticated.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire