I have been thinking about this... There are several cases in which a site needs to tack user information. In some cases, the site needs to store security-sensitive user info locally... Your current CST code fits that bill very nicely.
Geez. It does? It's not very secure... nobody should be using any session manager to store sensitive data for very long. For a long discussion about this, see the zope ml archives around November of last year. If you mean however, that you store it in a session data object temporarily until it is written to a user-related datastore, this is an acceptable risk for lots of folks.
But often, you just want to store user preferences. These preferences need not be secure so can be stored on the client... And you want to keep those for as long as someone visits your site, so storing it on the server is actually troublesome. To fill this need, people often manually set cookies.
Yes... we have this problem on Zope.org. There are thousands of orphaned accounts.
But I hate manually setting cookies. I often bump into problems when I try to do so. On the other hand, I love the simplicity of CST. And I wonder: could CST not be used to accomplish both goals via the development of a cookie-based session data manager?
That's an interesing idea. Except that cookies are usually limited to ~ 4000 characters on the client. You can't stuff much data into 4000 characters. It'd be pretty neat, however. Care to try to implement it? ;-) If not Jerome, anyone else?
You would have a data manager which stores all information client-side via cookies. The data could be stored much longer, months instead of hours. And it would not impact resources, RAM or filesystem. I would not use this to store security-sensitive data about logged-in users, but I would definitely use it to remember which skin an anonymous user preferred.
Is that at all possible? Will we see something like this someday? Just wondering. Thanks for CST, it's great. Cheers,
Not from me in the near future. I'm trying desperately to get another CST release out the door with the features it already has. ;-)