Re: nginx keeping session - Dave Cheney - ru.sysoev.nginx

9 messages in ru.sysoev.nginxRe: nginx keeping session

From	Sent On	Attachments
Glen Lumanau	Oct 21, 2008 10:34 pm
mike	Oct 21, 2008 10:47 pm
Glen Lumanau	Oct 21, 2008 10:50 pm
mike	Oct 21, 2008 10:56 pm
Dave Cheney	Oct 21, 2008 11:17 pm
mike	Oct 22, 2008 3:26 am
Dave Cheney	Oct 22, 2008 4:08 am
张立冰	Oct 22, 2008 8:00 am
mike	Oct 22, 2008 12:28 pm

Subject:	Re: nginx keeping session
From:	Dave Cheney (da...@cheney.net)
Date:	Oct 22, 2008 4:08:35 am
List:	ru.sysoev.nginx

eh, depending on what you're storing couldn't it hit the RFC cookie limit pretty easily?

The only piece of data you would need is the user id. Everything else can be deduced from that.

i suppose it has some sort of key and expiry in it so people can't spoof alternate expiry times etc.

Not really sure, haven't used it in production and I'm not working with rails at the moment. You make a good point thou, you probably need two things, the user id, and an expiry time encoded in the cookies value.

Cheers

Dave

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets