Matthew Bevan wrote: >> I hunted around a bit and found a similar question, but no answer that >> works for me. Currently I am required to log into my Turbogears >> application each time I load the browser, but I would like the visit >> cookie to be permanent rather than expire with the session. > > I am also scratching my head on how to keep an identity login for > around a week. I'm building a community site and all community sites > I have ever seen offer a "remember me" option which extends the > session for a very long time. >
This is TG specific, but what I did on other sites (not yet tried this in the tg auth system) was to create a random session string that was saved into the auth table and into a cookie on their machine. If they visited the site and they supplied the matching random string along with proper username they would be authenticated. This way I would not save the password in cleartext in the cookie. Each time they visited the site and new random identifier would be saved into the database. Rick --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
