Ok, so I decided to start to implement a basic user authentication system to my app. This is the scenario:
I want to deploy my app on google appengine at first so I save many user the hassle of a registrations. Once it has a reasonable userbase I want to move it out of google app engine. This might mean that the users will have to reactivate their accounts by requesting a new password to their gmail or something like that. What this also means is that I won't be able to use GAE's user authentication except when the users login. Ths is what i thought of: A user logs in using is/her google account. If the login is successful I add that user to my database, store whatever info i need and set a session variable, something like: session.valid_user=True Is there any pitfall in this approach? Now, other problem is, i haven't got a clear idea of when do sessions start and end. I am used to PHP sessions take care of the cookies themselves. In a PHP session the cookie expires once the browser is closed and if the user has the cookies deactivated PHP will transparently update all the links so the session id is passed as a GET parameter. Do web2py sessions work in a similar fashion? If not what are the main differences? /Pedro --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
