>
> Are you looking for an alternative way to hash the session? The problem is 
> the session currently allows any pickleable object, so we can't pick a 
> serialization format that excludes anything pickleable (e.g., JSON would 
> not work). 
>

so the only alternative would be to use pickle instead of cPickle, which is 
probably not a good alternative since I assume it's much slower.
  

> The workaround for me would be to not access auth.user_groups and use 
>> fields in the user table instead (e.g. auth.user.is_admin) which does not 
>> change the session. If there is no good solution and the code stays 
>> unchanged I think this should definitely be mentioned in the book. If there 
>> are many requests the performance loss is probably not insignificant since 
>> the session is written for every request.
>>
>
> Any ideas?
>

My idea would be to add a warning that the session will be detected as 
changed and written to disk etc. (depending on session type) if a dict 
value (like auth.user_groups) of the session is accessed outside a 
controller function

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to