W liście Alice Zoë Bevan–McGregor z dnia poniedziałek 15 czerwca 2009: > > W liście Alice Zoë Bevan–McGregor z dnia poniedziałek 15 czerwca > > > > 2009: > >> Using the above method allows you to use cookies for actual storage > >> of > >> session data, vs. having a session ID cookie which loads data from > >> memcached or database. > > > > Sure, but how does it relate to original poster's problem? > > User 1 logs in as testuser, 'last login' datetime updates, and the > cookie encrypted with the last login datetime is set. > > User 2 logs in as testuser, the 'last login' datetime updates, and the > cookie encrypted with the last login datetime is set. > > User 1 presses refresh, their cookie can no longer be decrypted with > the 'last login' datetime, that session is now dead. User 1 is asked > to log in again. >
But you need to hit the database to check the last login timestamp for each request anyway, right? -- Paweł Stradomski --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
