This course will be retired on June 1, 2025.

Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Using Cookies and JWTs for Secure Authentication

Preview

Start a free Courses trial
to watch this video

Sign up for Treehouse

Creating a Cookie

3:42 with Alena Holligan

We will use the HTTP Foundations package to make it easier to set and retrieve cookies. First, we need to create a cookie with all the detail we wish to set, then we must send that cookie to our browser by passing is through with a response.

NOTE: Because we set our extra parameter to accept an array, make sure you pass the cookie as an array.

Tips for Reading and Writing Cookies

To test reading a cookie after login: on index.php

if (request()->cookies->has('access_token')) {
    echo "logged in";
} else {
    echo "not logged in";
}

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    Cookies can be a bit tricky to work with using only the built-in PHP functions. 0:00
    By using the symfony HTTP foundations package, 0:05
    we not only have access to flash messages in the session, we also have 0:09
    an easier way to access the cookie on the request and response objects. 0:14
    Cookies work a little differently than sessions. 0:19
    For this session, we just need to turn on sessions and 0:23
    then we can read and write a session variable at any point in our script. 0:26
    For cookies, first, 0:31
    we need to create a cookie with all the details we wish to set, and 0:32
    then we must send that cookie to our browser by passing it through a response. 0:36
    Let's see how this works in our application. 0:41
    We're saving user data in the functions_auth file, 0:44
    under the saveUserSession function. 0:47
    Well let's start here, we aren't going to modify anything right now. 0:50
    We're just going to add some cookies. 0:54
    To create a cookie, we'll use the cookie class from the symphony package 0:57
    that we already included in this application. 1:01
    We'll add a new cookie and 1:04
    we'll set it equal to 1:09
    new\symfony\component httpfoundation\cookie 1:12
    The two required pieces of information are the cookie name and the value. 1:24
    We'll start with our auth_user_id. 1:29
    We'll set this equal to our auth_user_id above. 1:35
    There we go, now let's copy this cookie and 1:52
    we'll make a second cookie named auth_roles, 1:57
    And set this to the role_id. 2:05
    Now we can name the cookie, cookieID and cookieRoles. 2:09
    Now that we have our cookies, we're ready to pass them through a response. 2:15
    We can do this on our redirect, but 2:20
    we'll need to adjust the redirect function to add those cookies to our header. 2:22
    In the settings file, We'll 2:28
    scroll down to our redirect, and we'll add a new parameter. 2:32
    This optional parameter will be in array of extra details we want to accept. 2:37
    So we'll name it extra and we'll set it equal to an empty array. 2:42
    Next we need to add these cookies to our response. 2:46
    So after the response, we'll check if key_exist, 2:49
    Cookies in our extra array. 2:57
    Since we're passing multiple cookies, 3:06
    we want to add each of those cookies to our headers. 3:08
    We can use a foreach extra Cookies as cookie, 3:11
    And then we'll modify our 3:23
    response to add response headers 3:27
    setCookie equal to our cookie. 3:33
    Finally we're ready to pass our cookie to our redirect. 3:38

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up