> W liście Alice Zoë Bevan–McGregor z dnia poniedziałek 15 czerwca
> 2009:
>
>> Using the above method allows you to use cookies for actual storage
>> of
>> session data, vs. having a session ID cookie which loads data from
>> memcached or database.
>
> Sure, but how does it relate to original poster's problem?
User 1 logs in as testuser, 'last login' datetime updates, and the
cookie encrypted with the last login datetime is set.
User 2 logs in as testuser, the 'last login' datetime updates, and the
cookie encrypted with the last login datetime is set.
User 1 presses refresh, their cookie can no longer be decrypted with
the 'last login' datetime, that session is now dead. User 1 is asked
to log in again.
Mentioning that actual data can be stored in the cookie is important
if you wish to, say, store the active user ID and thus potentially
save a round trip to the database to look that information up from a
session record.
Read the rest of my post again; the methodology I describe offers
quite a number of benefits including, and surpassing, user account
exclusivity. All of it applies to the question at hand.
— Alice.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
