web2py AlterEgo
rock solid framework for agile and secure web applications
home
search
Edit page
Title:
Security Code:
Body:
(use
this
wiki markup)
Timeout depends on user's parameters: - the timeout time - what happens on timeout. Session should ever expire because they can be used for tracking, not just authentication. Nevertheless, on timeout, user should be logged out. How user is logged out/in is very application specific. I suggest you create a model file called models/timeout.py that contains import time TIMEOUT=30*60 # seconds PATH_ON_TIMEOUT='/%s/default/logout' % request.application if session.lastrequest and session.lastrequest<time.time()-TIMEOUT and request.env.path_into!=PATH_ON_TIMEOUT: #optional if you don't care about tracking usage: session.clear() redirect(PATH_ON_TIMEOUT) session.lastrequest=time.time() and create a controller default/logout that performs the logout. I do not think you need more.
Resources
Home
Version 1.51 (2008-11-19 14:48:02)
Examples
|
API
|
ORM
Compare
|
Django
|
TG
|
Rails
|
PHP
|
Java
Tutorial
|
Book
|
epydocs
Screencast short
|
long
|
shell
|
GAE
Online Demo
Interactive FAQ (AlterEgo)
Repository of free web2py apps
KPAX (the web2py CMS)
Model Builder
|
Layout Builder
Central Authentication Service
Users Group (free to join)
Development Trunk (svn)
Contact
Massimo Di Pierro
School of Computing
DePaul University
243 S. Wabash Ave
Chicago, IL 60604 (USA)
mdipierro@cs.depaul.edu
