Re: [Seaside] “Remember Me On This Computer” kind of feature for Seaside?
Mariano Martinez Peck
marianopeck at gmail.com
Wed Sep 23 17:45:48 UTC 2015
On Mon, Sep 21, 2015 at 11:59 AM, Sven Van Caekenberghe <sven at stfx.eu>
> > On 21 Sep 2015, at 15:53, Mariano Martinez Peck <marianopeck at gmail.com>
> > Hi guys,
> > Quick question, has anyone ever implemented a kind of “Remember Me On
> This Computer” feature in Seaside? If so, any guidelines or code share? :)
> I guess it is normally implemented by storing a cookie, when you see the
> cookie back, you allow a login without further questions. That is a
> dangerous feature ;-)
> I have it implemented, using tokens limited to a week or two, and with
> cookies limited to the current browser session (i.e. they are not
> persisted). I needed this to recover automagically from expired sessions.
> But then you need to implement annotated URLs too (at least some else you
> end up at the homepage all the time).
Hi Sven, but where are the tokes persisted in client side?
In my case, using the plain strategy of cookies is too insecure. I was
taking a look to this articule which seems much better:
But don't know how hard would be to implement that in Pharo/Seaside.
> Most browsers remember and autofill username/password fields, it works for
> my Seaside apps. That should be enough and is much safer.
> > Thanks in advance,
> > --
> > Mariano
> > http://marianopeck.wordpress.com
> > _______________________________________________
> > seaside mailing list
> > seaside at lists.squeakfoundation.org
> > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
> seaside mailing list
> seaside at lists.squeakfoundation.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the seaside