Hello, i have a project with standard-tg authentication running with TG 2.2.
Accidentally i just found these lines in my app_cfg.py # YOU MUST CHANGE THIS VALUE IN PRODUCTION TO SECURE YOUR APP > base_config.sa_auth.cookie_secret = "ChangeME" So i changed that string to something else. The curious thing is, that afterwards i could not login with some of the existing users, but could login with some others. Some efforts like deleting cookies or changing passwords did not work. So i changed it again to "ChangeME" and now its fine - well, actually not cause i want a secure app ;) What does this cookie secret actually do? How can i change the secret without breaking the authentication? Are there any restrictions for the secret-string? Thanks in advance. Kai -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To view this discussion on the web visit https://groups.google.com/d/msg/turbogears/-/OOUZFNSRiRYJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
