Re: Avoiding Sessions

2013-03-27 Thread Tom Evans
On Wed, Mar 27, 2013 at 1:35 PM, Venkatraman S wrote:
> So, if I am right, usage of sessions makes an extra call to the DB for every
> view with login_required.
>
> SELECT "auth_user"."id", "auth_user"."password", "auth_user"."last_login",
> "auth_user"."is_superuser", "auth_user"."username",
> "a

Re: Avoiding Sessions

2013-03-27 Thread Shawn Milochik
Some clients may not allow cookies, which would be a problem if that's your full session strategy. If you're storing nothing but the default information in the cookie then there shouldn't be any risk, and in any case the cookie is encrypted with the SECRET_KEY from your settings. If you store addit

Re: Avoiding Sessions

2013-03-27 Thread Venkatraman S
Well, the intention of asking that Q was not to check any possible data-store alternatives but to understand the nuances of the cookie-based approach. Am not a great security expert when it comes to cookies and the limitations that it 'can' cause down the lane - and hence.

On Wed, Mar 27, 2013 at

Re: Avoiding Sessions

2013-03-27 Thread Shawn Milochik
Use django-redis-sessions as a back end instead of the database.

On Mar 27, 2013 9:35 AM, "Venkatraman S" wrote:
> So, if I am right, usage of sessions makes an extra call to the DB for
> every view with login_required.
>
> SELECT "auth_user"."id", "auth_user"."password", "auth_user"."last_login"