On Sun, Feb 12, 2012 at 2:27 PM, Theron Luhn <[email protected]> wrote: > Hi guys! > > I'm a PHP developer, but I've decided to switch to Python and Pyramid > for a big upcoming project. Before I dive right into Pyramid, however, > I'm doing a bit of research and getting all my ducks in a row, so to > speak. So, I have a few questions: > > I've often wanted to start using Test Driven Development in my > projects. However, the concept has been completely over my head. > Recently I stumbled across Behavior Driven Development, and now it all > clicks. What's the best way to use BDD for a Pyramid project? > > Sessions: Pyramid docs say session data is "digitally signed, > however, and thus its data cannot easily be tampered with." I don't > want anyone tampering with my sessions, easy or not. Is this > sufficiently secure, or is there a better implementation? Maybe > sessions stored server-side with ZODB?
Beaker sessions using the pyramid_beaker package offer a variety of ways to store sessions both server-side and client side. With server-side sessions, the digital signing refers to the cookie containing the session ID. This is industry-standard encryption and has been used for several years in Pylons and TurboGears. and other Python websites. -- Mike Orr <[email protected]> -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
