[Zope] Save a password encripted in a cookie
Kirk Strauser
kirk at daycos.com
Tue Sep 14 11:01:50 EDT 2004
On Tuesday 14 September 2004 07:46, Martin Koekenberg wrote:
> I want to store a username and a password in a cookie on the users
> system. This for an auto login feature.
Don't. The standard way is to generate a random "session ID" and store that
in a database or Zope object, and give the user that string in a cookie.
Whenever the user sends ID cookie, you look in your database for the
existence or state of that session. Don't just store the username and
password on the machine without explicitly notifying the user that you're
doing so.
--
Kirk Strauser
The Day Companies
More information about the Zope
mailing list