On 12/03/2018 15:08, Anthony wrote:

    What if I cache on disk the result of a function that returns the
    session id and I check if it corresponds to the real value?


Not sure what you mean. Where does the session ID produced by the function come from, and how is the "real value" defined? What are you suggesting different from Massimo's approach?

Anthony

Hi Anthony,
thanks for your reply, I read the message from Massimo now and I realize that I misunderstood something... Massimo said to create a uuid and store it in the database. I thought that `session.id` could be used instead and it could be considered as a "real value", or better, as the real current session identifier. That's the check I was thinking about:

if session.id != cache.disk('session_id_%s' % user.id, lambda: session.id, time_expire=3600):
    auth.logout()

On the other hand, I'm not sure that using the filesystem instead of performing a database select query on every request is a better choice. Is it?

Cheers
    Manuele
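
Added example, not part of the original message or of web2py: a small model comparing the cache-based check above with the "create a uuid and store it in the database" approach, showing which concurrent session survives in each case. GetOrComputeCache, TokenStore and the explicit `now` argument are hypothetical stand-ins; the cache is assumed to return a stored value while it is fresh and otherwise call the function and store its result.

```python
import uuid

class GetOrComputeCache:
    """Assumed semantics: a fresh hit is returned, otherwise f() is stored."""
    def __init__(self):
        self.store = {}
    def __call__(self, key, f, time_expire, now):
        hit = self.store.get(key)
        if hit and now - hit[0] < time_expire:
            return hit[1]
        value = f()
        self.store[key] = (now, value)
        return value

def cache_check(cache, user_id, session_id, now):
    """The check from the message: True means the session is kept."""
    return session_id == cache('session_id_%s' % user_id, lambda: session_id, 3600, now)

class TokenStore:
    """Stand-in for a per-user database column holding the current token."""
    def __init__(self):
        self.tokens = {}
    def login(self, user_id):
        token = uuid.uuid4().hex
        self.tokens[user_id] = token   # a new login overwrites the old token
        return token
    def check(self, user_id, token):
        return self.tokens.get(user_id) == token

def demo():
    cache = GetOrComputeCache()
    results = {}
    # Cache variant (constructed sessions 'A' and 'B'): A is seen first.
    results['cache_A_t0'] = cache_check(cache, 1, 'A', now=0)
    results['cache_B_t10'] = cache_check(cache, 1, 'B', now=10)
    results['cache_A_t20'] = cache_check(cache, 1, 'A', now=20)
    # After expiry, whichever session makes the next request gets cached.
    results['cache_B_t3700'] = cache_check(cache, 1, 'B', now=3700)
    results['cache_A_t3710'] = cache_check(cache, 1, 'A', now=3710)
    # Token variant: the newest login always wins.
    db = TokenStore()
    old = db.login(1)
    new = db.login(1)
    results['token_old'] = db.check(1, old)
    results['token_new'] = db.check(1, new)
    return results

if __name__ == '__main__':
    print(demo())
```

In this model the cached value pins the first session seen until the entry expires, so a later login is the one logged out, while the stored token is replaced at login time and the older session is the one rejected.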
