Identification Cookie

A cookie named admin is used to contain the administrator's data, while a cookie named user is used to contain the user's data.

When the administrator or user successfully signs in, this cookie is created. It is a base64-encoded string containing three fields:

• Certifier. This is the person who endorses the access identification, with local being used in the case of administrators.
• Preferences. Preferences in JSON notation for use and interface; this includes language, currency, etc.
• Identifier. A random value that is compared with the access record stored in the database.

The number of minutes this cookie will remain active is indicated in the system's security settings.

Previously, an auxiliary cookie called session was used for both the user and administrator. This cookie contained the same session key and remained active as long as the session was not closed, performing a double check of data against the other cookie. However, it was decided to eliminate it, leaving the session value stored in the database, allowing for verification of its existence and logout by the user.