I just wanted to add a couple question: Is it unwise to store the username and password of the user in the session object?
Is there anything stored client-side? On Apr 27, 11:16 am, Oskar <[email protected]> wrote: > Hey! > > I'm building a website and I want to remember users that have logged > in---a common thing to do. I'm setting them up like this: > session = web.session.Session(app, web.session.DiskStore('sessions'), > initializer={'logged_in': 0}) > > But I want to make sure that I don't make any security blunders. So, > what should I know about sessions in web.py in order to keep them > secure? Is there anything I should read up on? > > -- > You received this message because you are subscribed to the Google Groups > "web.py" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group > athttp://groups.google.com/group/webpy?hl=en. -- You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/webpy?hl=en.
