A few questions about Django's authentication system: - Once a user is logged in, how long does he remain logged in? Is there any way to configure this - e.g. "users will remain logged in for 24 hours"?
- Once a user provided a matching username & password and is authenticated, then what? In subsequent page views how does Django know that this user is logged in? I'm guessing Django creates a cookie and stores the cookie in SESSION_ENGINE, every time a user request a page, Django gets that user's cookie from browser and uses it to query SESSION_ENGINE. Is that correct? - Does it mean that Django must hit SESSION_ENGINE for every single page view? Thanks. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.