ok, mostly ported over.
https://github.com/jvanasco/insecure_but_secure_enough
i'll have it on pypi shortly - having a pain with getting the
distribution right while watching a puppy
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to
Thanks, I'll look into the signed cookies. That might be good enough
for my current needs.
I should have been more clear...
The cookie structure is basically:
PAYLOAD[ 2-way-encryption + date ]::CHECKSUM
I added the checksum for lightweight validation, before doing anything
on the payload wh
a) Your example with the checksum isn't encryption, so watch your jargon.
Pyramid doesn't ship with any encryption capabilities.
b) See p.session.signed_serialize and p.session.signed_deserialize for
signing a payload.
http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/api/session.html#p
I didn't find anything in the docs, but I figured it would be worth
asking.
I am porting over a login system from Pylons. One of the elements has
a "cookie_autologin", which sets a 30day cookie if someone clicks
"remember me". the contents of the cookie are a lightweight payload
+ checksum.
I f