I don't know the context of this, but note that you can set session timeout default for your web2py instance with --timeout=TIMEOUT (in minutes)
On Sun, Mar 8, 2009 at 10:45 AM, mdipierro <[email protected]> wrote: > > session.authorized is transparent to web2py. It is a variable as any > other variable. > You need a line like > > if not session.authorized: redirect(URL(r=request,f='not_authorized')) > > On Mar 8, 7:21 am, NguyendHEX <[email protected]> wrote: > > I need more infor about Session management by web2py core. Of course, > > i can track user session at application level but if i have more than > > one controller, i have manually update session at every controller by > > setting last request. > > > > 1) assuming you use session.authorized to determine whether the > > user > > is logged in > > 2) set session.lasttime=time.time() immediately after login > > 3) place at the top of your controller: > > > > if session.lasttime and session.lasttime<time.time()-600: > > session.authorized=False > > if session.authorized: session.lasttime=time.time() > > > > So web2py core should handle session expiration instead of application > > level or provide a hook function on user request. > > > > any idea? > > > > Thanks, > > > > Nguyen > > > > On Mar 5, 11:20 am, NguyendHEX <[email protected]> wrote: > > > > > I see the session processing athttp:// > groups.google.com/group/web2py/browse_thread/thread/14ec13e619... > > > > > I don't know when session is cleared by web2py if the application > > > clear it manually. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
