diff options
author | Daniel Schadt <kingdread@gmx.de> | 2022-12-10 17:42:32 +0100 |
---|---|---|
committer | Daniel Schadt <kingdread@gmx.de> | 2022-12-10 17:46:36 +0100 |
commit | 67b7f5ae3f20c930f5d633413bf27979c692c6a1 (patch) | |
tree | 6336d1697dc43eaec7573423462d64e67f332f0b /tox.ini | |
parent | 626c62e547cfa9dfa1fd3b18a524d62b61ccf0d3 (diff) | |
download | fietsboek-67b7f5ae3f20c930f5d633413bf27979c692c6a1.tar.gz fietsboek-67b7f5ae3f20c930f5d633413bf27979c692c6a1.tar.bz2 fietsboek-67b7f5ae3f20c930f5d633413bf27979c692c6a1.zip |
add a "Remember me" option for logins
The default session timeout is at 15 minutes, which can be rather short.
Therefore, we now have a "Remember me" option, which optionally saves
the authentication in a cookie (signed of course, so nobody can tamper
with it). This cookie is set to basically never expire, keeping the user
logged in while not messing with the session timeout (which is also used
for other things like flash messages).
We might think about just removing the session authentication completely
and doing everything with cookies, but we'll see about that. We
definitely want to keep two separate timeouts, but the cookie helper
doesn't seem to provide a way to have single cookies last for longer
(short of having a second helper like we currently do).
Diffstat (limited to 'tox.ini')
0 files changed, 0 insertions, 0 deletions