#21649: Add session signing based on the value of the user's password
------------------------------+------------------------------------
Reporter: timo | Owner: timo
Type: New feature | Status: new
Component: contrib.auth | Version: master
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+------------------------------------
Comment (by PaulM):
I think in the past we've done work to preserve sessions across version
upgrades. This of course has the downside of making the full benefit of
the patch take an extra version to manifest. I personally don't mind
sessions going away during upgrade, but I believe that some users of
Django may not be comfortable with that.
I'd defer to Jacob or Luke or another conservative core dev. The upgrade
code path shouldn't be too complex in this case.
--
Ticket URL: <https://code.djangoproject.com/ticket/21649#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/062.1f811bc93c716e31dd32d1b59475c477%40djangoproject.com.
For more options, visit https://groups.google.com/groups/opt_out.
