Unless you enable the "remember me" option, the login will only last as
long as the session, as it relies on a session cookie (session cookies have
no expiration, so the browser deletes them when the browser is closed). If
you enable the "remember me" option, the session cookie is given an
expiration, which technically converts it to a non-session cookie (even
though web2py uses it to identify the session on the server side). To
enable the "remember me" option, do:
auth.settings.remember_me_form = True
auth.settings.long_expiration = 36000000
Note, that will give the user the option to choose the extended login. If
you instead want to force an extended login, you can skip the first line
above, and instead, create a login_onaccept callback that does the
following:
session.auth.expiration = response.session_cookie_expires = auth.
settings.long_expiration
session.auth.remember_me = True
Anthony
On Sunday, September 6, 2015 at 12:55:26 AM UTC-4, Robert Porter wrote:
>
> How can I make a login persistent. I want you to have to clean your
> cookies to ever be logged out.
>
> Right now I have a bug where I get logged out after a pretty short time
> (even though I set auth.settings.expiration=36000000), so I just want a way
> where you absolutely cannot logout unless you clean your cookies or hit my
> logout button. I want to disable the possibility, not just "extend" the
> expiration.
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
