I think approach with new middleware that runs after `SessionMiddleware` would work best
--- ** [tickets:#7451] Remember me option on login** **Status:** in-progress **Milestone:** limbo **Labels:** 42cc **Created:** Mon Jun 09, 2014 05:08 PM UTC by Dave Brondsema **Last Updated:** Mon Jul 21, 2014 02:41 PM UTC **Owner:** nobody Allura uses cookie-based auth (potentially could be configured to something different, via the `beaker.session.*` values in the `.ini` config file). The [cookie defaults to never expiring](http://beaker.readthedocs.org/en/latest/configuration.html#session-options) but I'd like a "remember me" checkbox (that does have an expiration, configurable server-side like 1 year). And if you don't check the checkbox, then the login session only lasts for the browser session. I don't know if the `cookie_expires` field can be set dynamically (=True for not remember me, and = num seconds for remember me). Docs don't really talk about it, so I hope `SessionMiddleware` does have a way to support it. --- Sent from sourceforge.net because [email protected] is subscribed to https://sourceforge.net/p/allura/tickets/ To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
