0

I am making my first app in django . I am writing a function for remember me , I am not using login(request,user) neither authentication thing . If user select remember me check box , I am setting cookie expire time after a week . But the problem is , in every sample implementation of remember in django , I saw this request.session.set_expiry() function . My doubt is , If I use this function it will set the expiry time for every member of request.session(for example request.session[1],request.session[2] where these two are session variables for two different users ) I want to set_expiry only for the current logged in user if he hits the remember me check box. So I am doing request.session[userid].set_expiry() instead off request.session.set_expiry() , but it is throwing this error --- 'long' object has no attribute 'set_expiry'

Here is my function in views.py

username=request.POST['Username']
password=request.POST['Password']
m=mytable.objects.get(Username=username)
if m.Password==password:
    request.session[m.id]=m.id
    if request.POST.get('remember_me', None):
        request.session[m.id].set_expiry(604800)
    else:
        request.session[m.id].set_expiry(0)
    else:
        #do something

Please guide me through this

nerdiplayboy
  • 556
  • 2
  • 9
  • 17
  • Your example codes shows rather weak understanding of Django. Storing password in the clear is a very wrong thing to do. Your best bet would be to use `django.contrib.auth` and drop your own implementation. – Bouke Jul 23 '13 at 06:36

1 Answers1

1

You should do request.session.set_expiry() instead of on member of request.session[m.id].

The request.session identified only current session along with user for the current request not all users logged in.

Hope you are gone through django sessions doc.

Rohan
  • 52,392
  • 12
  • 90
  • 87