Automatic logout in python web app

Posted by Ali on Stack Overflow See other posts from Stack Overflow or by Ali
Published on 2010-04-28T17:44:39Z Indexed on 2010/04/28 17:47 UTC
Read the original article Hit count: 291

Filed under:
|
|
|

I have a web application in python wherein the user submits their email and password. These values are compared to values stored in a mysql database. If successful, the script generates a session id, stores it next to the email in the database and sets a cookie with the session id, with allows the user to interact with other parts of the sight.

When the user clicks logout, the script erases the session id from the database and deletes the cookie. The cookie expires after 5 hours. My concern is that if the user doesnt log out, and the cookie expires, the script will force him to login, but if he has copied the session id from before, it can still be validated.

How do i automatically delete the session id from the mysql database after 5 hours?

© Stack Overflow or respective owner

Related posts about python

Related posts about mysql