I would add a second cookie with a longer time after the user is authenticated in the login view. In this way you can check (before authentication) if the user had been authenticated before.
On Dec 7, 10:53 pm, Brian <brian.brine...@gmail.com> wrote: > My application uses Pyramid's default AuthTktAuthenticationPolicy with > a timeout of about an hour. > > When a user returns after that timeout period they're asked to re- > authenticate on a refresh or action. I'd like to present the user with > a message informing them that their session has timed out on the login > screen. > > Is there a preferred way to determine if a session had existed and is > now invalid? How do others address this? > > Thanks, > Brian -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
