I'm using twisted web (not nevow) in an application right now. I'm handling
expiration by having a LogonState Session variable, which has an
is_logged_in member that defaults to False. All requests are checked for
this and redirected to my logon page if is_logged_in is not true.
This is all working fine, but unfortunately, it means that timeouts are
abrupt - you are just re-directed to a logon page with no warning the next
time you try to access a resource after session timeout.
Session expiration callbacks don't seem that useful here. I'll be notified,
but then the session is gone and I no longer have any way of knowing if the
next request is from someone who once had a valid session, but no longer
does.
How do others deal with this issue?
_______________________________________________
Twisted-web mailing list
[email protected]
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
