In the past my site has used two variations of login. For internal users with comprehensive access to our database, it has used a conventional email + password implemented via Auth. For a broader population of users who interact with the site to maintain their membership and register for events on their own behalf, I used email in combination with a one time token sent to the email as a call back to validate the user.
In the future I plan to use the email validation for all users. For the convenience of regular users, I will have a 'Remember Me' checkbox when they validate their email address. When the callback with the one-time token is processed, the session records the login and sets the session expiration: session.when_expires = request.now + datetime.timedelta(days = 30) response.cookies['session_id_init']['expires'] = 30*24*3600 However, I find that I have to reset this expiration for each page that is sent to the user: response.cookies['session_id_init']['expires'] = int((session.when_expires - request.now).total_seconds()) I have tried without sucess to understand the code in gluon/globals to find a way to avoid the need to reset the session cookie expiration with each request? -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.