On 2/12/07, Richard Harding <[EMAIL PROTECTED]> wrote: > > Matthew Bevan wrote: > >> I hunted around a bit and found a similar question, but no answer that > >> works for me. Currently I am required to log into my Turbogears > >> application each time I load the browser, but I would like the visit > >> cookie to be permanent rather than expire with the session. > > > > I am also scratching my head on how to keep an identity login for > > around a week. I'm building a community site and all community sites > > I have ever seen offer a "remember me" option which extends the > > session for a very long time. > > > One very ugly approach suggested on the trunk thread was to extend the timeout settings http://docs.turbogears.org/1.0/Configuration#visit
> This is TG specific, but what I did on other sites (not yet tried this > in the tg auth system) was to create a random session string that was > saved into the auth table and into a cookie on their machine. If they > visited the site and they supplied the matching random string along with > proper username they would be authenticated. This way I would not save > the password in cleartext in the cookie. Each time they visited the site > and new random identifier would be saved into the database. > yes I believe this is one of the suggested implementations > Rick --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
