goes always in exception, and the bug is that the IV key must be 16 bytes. secure_dumps is padding the key to 32 (correct) but using key as well for the IV argument.
On Tuesday, October 16, 2012 1:24:00 PM UTC+2, Massimo Di Pierro wrote: > > This is new in trunk and needs to be tested. Add this to your app: > > session.connect(cookie_key='mypassphrase') > > and sessions will be stored in cookies (like Flask does). Cookies are > encrypted with AES 32bites and signed with HMAC+SHA1. > > > --
