login required after restarting browser (1.20260313.1)

[icodk]

I tried to make logins  surviving browser restarts but  it didn't work (also in 

previouse releases)

Doing the following changes in the application's common.py:

if settings.SESSION_TYPE == "cookies":
    session = Session(secret=settings.SESSION_SECRET_KEY, expiration=60*60*24*30)  

and:

:

:

elif settings.SESSION_TYPE == "database":
    from py4web.utils.dbstore import DBStore
    session = Session(secret=settings.SESSION_SECRET_KEY, storage=DBStore(db), expiration=60*60*24*30)  # 30 days

As well as modifying  py4web/core.py (see changes in the attached file)

did the trick.

Is it possible to add the attached core.py to py4web for preseving the change for future releases/updates  ?
Thanks

 

[icodk]

Further testing shows that this is not working either.  

So ignore it for now.

Or if anybody have a solution (for persistant login) please let me know

[pe...@anewalt.com]

I agree that this is a nuisance.  I have implemented a way around it by generating & storing a hash created by combining several elements of a user's environment and comparing that on future logins, but suspect it's not that secure so I only use it for my own convenience and don't advertise its existence to other users.  I was hoping that implementing Google oauth plugin would help, but that has introduced a problem of its own (it creates duplicate auth_user accounts) that feels like a bug, but so far no input/guidance from this group on that.  Would also like to hear of any other ways to address this.