On 10/5/05, Tim Lesher <[EMAIL PROTECTED]> wrote: > Some questions:
and good ones at that! > 1. Why the restriction on use of session variables--just to avoid > clashing with application-defined variables? Because they're avoidable in most situations, and if you can avoid using sessions your app can scale a lot easier. If someone knows that their app is only going to have 5 users, then using sessions is just fine... it's just better if the TurboGears core itself avoids using sessions as much as possible so that the person writing the app can make the determination that sessions won't kill their site... > 2. In "ability to use basic or cookie auth with a login screen", if > the auth/auth code itself provides the login screen html, please, > please provide a way to bypass it and plug in one's own HTML. This is > important for "branded" sites. Yes, that is absolutely critical. TurboGears 0.8 has a notion of a "sitetemplate" (discussed in another thread) that will allow for wrapping the generic login page. There does need to be a way to replace the template altogether. Kevin

