1. Lynn Rees
  2. wsgiauth

Issues

Issue #1 resolved

Trying to find some documentation and examples on how to use this library

stuart_mcmillan
created an issue

Trying to find some documentation and examples on how to use this library, but there does not seem to be and I can see posted online.

I am most interested in the cookie part - and how to invalidate (logout) the cookies at the end of a session. Also what is the purpose of the tracker kw parameter ?

Comments (2)

  1. Lynn Rees repo owner

    This library is here primarily for reference. It was originally done as a learning exercise. It would be deprecated if it had any known users.

    It has received no substantial attention since late 2006. It has received no security audit. It has never been used in production to my knowledge.

    When I rolled my first production authorization/authentication system in 2008, I built on Beaker:

    http://beaker.readthedocs.org/en/latest/

    Now a days, I'd use Django, Pyramid, or some other framework with mature, battle-tested authentication systems.

    As to your specific questions, near as I can tell, no mechanism other than cookie expiration was implemented here other than cookie expiration.

    Presuming you're talking about the OpenId bit, the tracker was used for remembering the URL. But that library is even more obsolescent than the others and should not be used.

  2. Log in to comment