" I want to know how to use HTTPS to securely login ..." which satisfies the first part of the question. This way it wont be possible to login without HTTPS enabled for the project.
On Sat, Jul 7, 2012 at 11:22 AM, Melvyn Sopacua <m.r.sopa...@gmail.com>wrote: > On 7-7-2012 5:05, Timothy Makobu wrote: > > For secure logins, this helps > > > https://docs.djangoproject.com/en/dev/topics/http/sessions/?from=olddocs/#session-cookie-secure > > > > No it doesn't. That is for secure /sessions/, which means that if you > use this during the login process then the session is created on the > HTTPS connection and only /valid/ on the HTTPS connection. In other > words, if you set this flag the scenario of having an unencrypted site > with an encrypted login procedure is impossible. > > -- > Melvyn Sopacua > > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
