justpy icon indicating copy to clipboard operation
justpy copied to clipboard

Published 20 hours ago verified publisher icon justpy-org

forced cookie renewal

Open giodegas opened this issue 4 years ago • 3 comments

I read how to use cookies for sessions handling from the documentation here:

https://justpy.io/tutorial/sessions/#introduction

I would appreciate to request a renew of the cookie every time a user does a logoff. Now I see it is recycling IDs, so user B logged after user A will have the same IDs in logs.

Is it possible to have a new ID for every login, even if at the same browser window?

Thank you.

giodegas avatar Feb 16 '21 12:02 giodegas

I agree it is a good idea to have an option to expire the cookie and I will add that in a future version.

But just to help me think this through, when a user logs out, why not delete the session from the session dict? That way you could use the same session_id for another user that logs in.

elimintz avatar Feb 16 '21 16:02 elimintz

Yes indeed, I tried to delete the session, but having an explicit expire would help a lot. Thank's.

giodegas avatar Feb 16 '21 16:02 giodegas

see also #529

WolfgangFahl avatar Sep 14 '22 13:09 WolfgangFahl

see #685

WolfgangFahl avatar Sep 20 '23 09:09 WolfgangFahl