Well, the intention of asking that Q was not to check any possible data-store alternatives but to understand the nuances of the cookie based approach. Am not a great security expert when it comes to cookies and the limitations that it 'can' cause down the lane - and hence.
On Wed, Mar 27, 2013 at 7:28 PM, Shawn Milochik <sh...@milochik.com> wrote: > Use django-redis-sessions as a back end instead of the database. > On Mar 27, 2013 9:35 AM, "Venkatraman S" <venka...@gmail.com> wrote: > >> So, if i am right, usage of sessions makes an extra call to the DB for >> every view with login_required. >> >> SELECT "auth_user"."id", "auth_user"."password", >> "auth_user"."last_login", "auth_user"."is_superuser", >> "auth_user"."username", "auth_user"."first_name", "auth_user"."last_name", >> "auth_user"."email", "auth_user"."is_staff", "auth_user"."is_active", >> "auth_user"."date_joined" FROM "auth_user" WHERE "auth_user"."id" = 3 >> >> ..app\debug_toolbar\utils\tracking/db.py in execute(118) >> stacktrace = tidy_stacktrace(reversed(get_stack())) >> >> I do not want to be finicky about this 'extra' DB call, but was wondering >> if someone has used the cookie-based approach and has avoided sessions >> altogether. I just wanted to understand the implications on security and >> what i need to be aware of when using cookies in this way. Any experiences? >> >> -Venkat >> http://twitter.com/venkasub >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users+unsubscr...@googlegroups.com. >> To post to this group, send email to django-users@googlegroups.com. >> Visit this group at http://groups.google.com/group/django-users?hl=en. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at http://groups.google.com/group/django-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
