[Zope] Cookies...

Jatwood@bwanazulia.com Jatwood@bwanazulia.com
Sun, 6 Feb 2000 13:37:37 -0500


Ok.. and here is the..

<hard answer>
1) Set a cookie to expire at the end of the session with a 
"start_time" variable. time.time(time.localtime())
2) Set another cookie with a "last_action_time" variable
3) Create a method that checks the difference between "start_time" 
and "last_action_time" and if the time difference is too long send 
them back to a log on screen (and expire both cookies).
</hard answer>

Not pretty.. but I think it would work.

JMA

At 1:14 PM -0500 2/6/2000, Jules wrote:
>On Sun, Feb 06, 2000 at 03:27:16PM +0000, Juri Jensen wrote:
>|Is it possible to set some kind of expiration time for users when they
>|haven't done anything for a while...?
>
>Juri:
>
><executive summary>
>No.
></executive summary>
>
></geek answer>
>This is an HTTP thing, not a Zope thing. The problem is that the browser
>is passing the user's name and password in the HTTP headers each time
>you request something from Zope (or indeed any protected resource from
>any Web server). So unless you programatically invalidate the password
>(bad, as it would confuse the heck out of the user), there's no real
>way to have a user 'log out'. The upside of this is that having an idle
>user doesn't use any resources on your Web server. When the Zope
>Portal Toolkit comes out, I believe it supports the concept of sessions
>-- these generally do use server side resources if the client doesn't
>support cookies -- and a timeout may be possible with it.
></geek answer>
>
>Good luck!
>
>Cheers,
>Jules
>
>_______________________________________________
>Zope maillist  -  Zope@zope.org
>http://lists.zope.org/mailman/listinfo/zope
>**   No cross posts or HTML encoding!  **
>(Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )