Hi everyone, Long time lurker... first question I've had to ask. I usually find answers here without having to ask.
I'm having a problem with session variables I've added when a user logs in disappearing after a while and throwing exceptions when attempting to access them later on and I'm trying to get this sorted. I'm adding the session variables using auth.settings.login_onaccept.append(_load_settings). The _load_settings() function gets some account settings from the database and adds them into the users session. The app has been in limited use for about a month now and a while ago I started seeing tickets with exceptions being thrown when I'm trying to access the session variables and/or change them. When looking at the tickets and examining the session variables, all of the auth variables are all present but all of the variables that were added using auth.settings.login_onaccept.append() are gone. There is no indication that the user was ever logged out or that the session expired etc. A search of this list about similar questions seemed to indicate a possibility of the IP address changing due to some type of IP address rotation scheme etc., a proxy deleting session cookies, or some other similar thing, but I guess where I'm getting confused is; wouldn't the entire session get blown away which would require the user to need to login again? It seems as if the user has been logged in the entire time and somehow the variables I added where removed. It only seems to happen occasionally, not during every user session, so it may be related to one of the conditions covered previously, but I don't see consistent similarities in the tickets (i.e. same user agent etc), only the errors are the same. Has anyone else seen this before and/or is my strategy of using the session the best way to accomplish adding global per user variables? -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
