Login

Tag "cookie"

Snippet List

Add httponly to session cookie

Middleware to set "sessionid" (ou your session cookie) with httponly (see ["Django bug report"](http://code.djangoproject.com/ticket/3304)). To work, you need put it before "SessionMiddleware"

  • cookie
  • security
  • httponly
Read More

Another Cookieless Session Middleware

the snippet improve juliocarlos's greate works(see [http://www.djangosnippets.org/snippets/1235/](http://www.djangosnippets.org/snippets/1235/) ) ,merge functtions to one middlewere class, fixed url regular expression and eliminate AJAX support etc... it's tested with django 1.0.2 and work fine on my wap site. * the middlewere must before SessionMiddlewar in MIDDLEWARE_CLASSES tuple eg: MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'middleware.cookieless_session.CookielessSessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', )

  • middleware
  • cookie
  • session
  • cookieless
Read More

Cookieless Session Middleware

This middleware will put the sessionid in every place that it might be needed, I mean, as a hidden input in every form, at the end of the document as a javascrit variable to allow the AJAX request use it and of course as a GET variable of the request. To make it work correctly the MIDDLEWARE_CLASSES tuple must be in this order: ` 'CookielessSessionPreMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'CookielessSessionPosMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', ` Hope it work for someone else out there.

  • middleware
  • cookie
  • cookieless
  • less
Read More

Set test cookie unless logged in

This allows you to use a quick login forms outside of the django.contrib.auth.views.login view, the cookie will be deleted once you login.

  • middleware
  • cookie
  • login
Read More

Sessions and authentication without cookies

[The Session documentation](http://www.djangoproject.com/documentation/sessions/) rightly warns of the dangers of putting a session ID into a query string. Sometimes, however, you have to do it - perhaps your client has mandated support for browsers with cookies disabled, or perhaps (as in my case) you're just dealing with a slightly broken client browser. This middleware pulls a session ID out of the query string an inserts it into the cookies collection. You'll need to include it in your MIDDLEWARE_CLASSES tuple in settings.py, *before* the SessionMiddleware. *Please* read my [full blog post](http://www.stereoplex.com/two-voices/cookieless-django-sessions-and-authentication-without-cookies) about for the dangers of doing this, and for full instructions and examples.

  • middleware
  • cookie
  • session
  • authentication
  • string
  • query
  • cookieless
  • querystring
Read More

7 snippets posted so far.