Tuesday, January 26, 2016

Questions about session

Hello,

I'm writing an app which needs authentication and I was wondering if
the information about the user should be put in request.session. My app
deals with the access to certain equipments and every user has a
different set of equipment it can sees. Should I put the list of
equipment in the session or should I compute each time I access a view
or a form in creating a method in the my_app_user class which compute
the rights by quering the database. Session might not be the best option
because it keeps data so that a user can still have access even if it
has been deleted.

My problem is in fact with the templates because once a user is logged
the interface should show the equipment the user can access as a menu
and so I should have the information available in the template
(typically the base template). In that case the request.session can be a
good option since I can check if the user has the right to access the
equipment or not. If I'm not using request.session it looks like I have
to send the data for each views. Or is ther any other options?

Sorry if the questions is too silly but I haven't found any information
for that kind of problems which looks rather common and so if you can
send me any pointer I'm really interested. It might be more general than
django perhaps. I mean session are used everywhere.

Sincerely

L.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/56A7EDCC.1060407%40lpn.cnrs.fr.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment