4

The problem is that I want to store authentication in a cookie that I can present to django piston rather than requiring user/password to be typed in each time (without hardcoding or storing the user/pass combo somewhere on disk). I was hoping to accomplish this with cookies like someone would without the piston API. Am I missing something?

Django Piston doesn't seem to care about session cookies at all?

Or can someone suggest a good alternative? Maybe I shouldn't use Piston?

dlamotte
  • 6,145
  • 4
  • 31
  • 40

2 Answers2

2

http://yml-blog.blogspot.com/2009/10/django-piston-authentication-against.html

Sandy
  • 1,968
  • 14
  • 25
  • thanks for the link, that looks very helpful and more or less exactly what I was looking for – dlamotte Nov 11 '10 at 17:59
  • It would also seem that piston separates itself from the "auth" system intentionally, which is nice and not so nice (because it doesnt work out of the "box")... but I understand the purpose. – dlamotte Nov 11 '10 at 18:00
0

If you are trying to keep a user logged in after they authenticate, Django's built in Sessions do that for you. You can change how long the session lasts by changing the SESSION_COOKIE_AGE setting. This will also change how long the sessions persist in your database (if you are using a database backend).

Jack M.
  • 30,350
  • 7
  • 55
  • 67
  • I may have dug myself into too deep of a hole. I'm currently using sessions, but it appears that Piston does not seem to respect sessions. I may have to defer this to Piston directly. Thanks though. – dlamotte Apr 19 '10 at 22:23
  • @xyld Are you saying that request.session / request.user are not correct for the piston requests you're getting? – eternicode Nov 10 '10 at 21:26