> > Are you looking for an alternative way to hash the session? The problem is > the session currently allows any pickleable object, so we can't pick a > serialization format that excludes anything pickleable (e.g., JSON would > not work). >
so the only alternative would be to use pickle instead of cPickle, which is probably not a good alternative since I assume it's much slower. > The workaround for me would be to not access auth.user_groups and use >> fields in the user table instead (e.g. auth.user.is_admin) which does not >> change the session. If there is no good solution and the code stays >> unchanged I think this should definitely be mentioned in the book. If there >> are many requests the performance loss is probably not insignificant since >> the session is written for every request. >> > > Any ideas? > My idea would be to add a warning that the session will be detected as changed and written to disk etc. (depending on session type) if a dict value (like auth.user_groups) of the session is accessed outside a controller function -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.