> > I checked into my browser's development tools to check cookies and found > that indeed, there are two cookies : session_id_APPNAME and > session_id_admin. These cookies and their values are persistent through > requests, even with multiple dynos.
> > I now wonder about web2py's session management and especially regarding > Auth : *How exactly does it decide wether a user is an existing user or a > new user ?* > There are two separate issues -- checking to see if there is a currently active session, and separately checking for login. web2py determines if there is a session by checking for a session cookie and seeing if it has a database record (or file) with a matching session ID. For login, it checks whether there is an "auth" object in the session, and if so, whether it is expired or not. Can you first determine whether sessions are working (independing of auth/login)? If you save some value to the session, can you retrieve it on subsequent requests? If so, the problem isn't with the session per se, but specifically with Auth. We may need to see some code to figure out what's going on. Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.