Ah sorry. Yeah, there's another piece of config that should go into
'webapp2_extras.auth' if you want to tune auth session parameters.
webapp2 uses two separate sections, one for a generic session and a
separate only for the authentication stuff:
http://webapp-improved.appspot.com/api/webapp2_extras/auth.html#module-webapp2_extras.auth
On 11 December 2013 07:27, Jay Kyburz <
j...@jaykyburz.com> wrote:
> I have some strange behaviour..
>
> my config looks like this.
>
> # webapp2 config
> app_config = {
> 'webapp2_extras.sessions': {
> 'cookie_args': { 'max_age': 604800 },
> 'cookie_name': '_simpleauth_sess',
> 'secret_key': SESSION_KEY
> },
> 'webapp2_extras.auth': {
> 'user_attributes': []
> }
> }
>
> I looks like when logging in using Google / Yahoo (ie the built in Federated
> Identity) I don't get a cookie called "_simpleauth_sess'. Instead my cookie
> is called "auth". The" auth" cookie ignores the max age setting.
>
> When I login with Facebook I get both the "_simpleauth_sess" cookie and the
> "auth" cookie.
>
> Seems like the auth cookie is all that is needed though. Do you fall back to
> auth if the _simplauth_sess cookie is not found?
>
> I see that when I login using Yahoo on
https://simpleauth.appspot.com/ I get
> both cookies so I must have broken something somewhere with my OpenID
> implementation.
>
>
> Jay.