for now, default to real (non-permanent) session cookies that are cleared at browser close

SESSION_EXPIRE_AT_BROWSER_CLOSE = True

later we could add a "remember me" checkbox at login time, so users can decide for
themselves whether to use a session cookie or a long-lived cookie.
Thomas Waldmann 2013-11-14 10:01:36 +01:00
parent f6fb8b67bd
commit 182671783d


@ -254,7 +254,7 @@ SESSION_COOKIE_PATH = '/'
SESSION_COOKIE_SECURE = False # use True here if you have set WE_HAVE_SSL = True SESSION_COOKIE_SECURE = False # use True here if you have set WE_HAVE_SSL = True
SESSION_COOKIE_HTTPONLY = True SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_AGE = 14 * 24 * 3600 # 2 weeks, in seconds SESSION_COOKIE_AGE = 14 * 24 * 3600 # 2 weeks, in seconds
SESSION_EXPIRE_AT_BROWSER_CLOSE = False SESSION_EXPIRE_AT_BROWSER_CLOSE = True # more safe than False
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.JSONSerializer' SESSION_SERIALIZER = 'django.contrib.sessions.serializers.JSONSerializer'
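Review bot: The new trailing comment on `SESSION_EXPIRE_AT_BROWSER_CLOSE = True`, `# more safe than False`, does not say what the setting bounds and what it leaves unchanged. With True, Django sends the session cookie without an expiry so the browser is expected to drop it on close, but the server-side session record is still kept for SESSION_COOKIE_AGE (two weeks in the line above), and browsers that restore the previous session on restart can keep the cookie. I would reword it to something like `# browser-session cookie only; server-side session still valid for SESSION_COOKIE_AGE`. The hunk header declares seven lines and only five are visible here, so any trailing context is outside this view.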