Django: HTTPS for just login page?
Posted
by Mark
on Stack Overflow
See other posts from Stack Overflow
or by Mark
Published on 2010-05-09T22:37:52Z
Indexed on
2010/05/09
22:48 UTC
Read the original article
Hit count: 176
I just added this SSL middleware to my site http://www.djangosnippets.org/snippets/85/ which I used to secure only my login page so that passwords aren't sent in clear-text. Of course, when the user navigates away from that page he's suddenly logged out. I understand why this happens, but is there a way to pass the cookie over to HTTP so that users can stay logged in?
If not, is there an easy way I can use HTTPS for the login page (and maybe the registration page), and then have it stay on HTTPS if the user is logged in, but switch back to HTTP if the user doesn't log in?
There are a lot of pages that are visible to both logged in users and not, so I can't just designate certain pages as HTTP or HTTPS.
© Stack Overflow or respective owner