I Solved ! in formData of uploadfy i add {{ request.COOKIES.sessionid }}
and in my view i used : session = Session.objects.get(session_key=request.COOKIES['sessionid']) uid = session.get_decoded().get('_auth_user_id') user = User.objects.get(pk=uid) Works Fine ! Thanks :) 2012/6/17 Mauro Alexandre <upma...@gmail.com> > Sultan, great ! > > Guess I'll do that too, it's very unsafe. > > Thanks for the tip! > > > 2012/6/17 Sultan Imanhodjaev <sultan.imanhodj...@gmail.com> > >> Hey, >> >> In my case I use generated hash from *user.id* and *user.date_joined*passed >> via >> *formData* this is poor implementation and potentially insecure but for >> a while it works. >> >> >> Sultan, >> Thanks >> >> On Sun, Jun 17, 2012 at 9:15 PM, upmauro <upma...@gmail.com> wrote: >> >>> Hi ! Sorry my english. >>> >>> I using uploadfy in my website, this basically is one SWF to upload >>> files. >>> >>> This works fine, but my question is "how recover logged user in post >>> uploader request?" >>> >>> I have SESSIONID in form and my swf post this, but i don't know recover >>> user by session id. >>> >>> Please help-me, thanks ! >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Django users" group. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msg/django-users/-/oeYAADUGPGcJ. >>> To post to this group, send email to django-users@googlegroups.com. >>> To unsubscribe from this group, send email to >>> django-users+unsubscr...@googlegroups.com. >>> For more options, visit this group at >>> http://groups.google.com/group/django-users?hl=en. >>> >> >> >> >> -- >> Kind regards, >> Sultan Imanhodjaev >> +996 559 06 76 06 >> >> > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.