#1250 closed defect (worksforme)
Personal information storage
| Reported by: | Owned by: | Jonas Borgström | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | general | Version: | 0.8 |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
I use multiple computers. So do many of my developers. That's why the current setup of having to remember a "Session key" in order for information about our logins is not a good way to handle it.
A way for information to be stored on the server would work out better for us.
Attachments (0)
Change History (8)
comment:1 by , 19 years ago
| Milestone: | → 0.9 |
|---|
comment:2 by , 19 years ago
comment:3 by , 19 years ago
| Milestone: | 0.9 |
|---|
The information is stored on the server, the session ID is just a way to identify the user across requests. Nothing special here.
Anyway… I wonder whether you use authentication? It would be possible to omit the whole session key thing if you are logged in to Trac, because we already have a way to identify you in that case.
comment:4 by , 19 years ago
Yes, we use authentication, but that's not my point. I'd like for users to have accounts on trac as well, but right now they have to know a session id. Well, what if someone uses someone elses session id?
Also, the way the gui is setup now, for authenticated users it seems as though the session id is still required, even though you already have their account logged in, etc. My point was that right now the session id seems pointless.
comment:5 by , 19 years ago
Well, for authenticated users, the need to use a session key has been removed in [1335]. Settings are simply stored under the username. Is that your point?
For anonymous users, I don't see many alternatives to the session key. I guess we could:
- Just not expose the session ID and have the user adjust her settings on every different computer (which I guess most people do anyway)
- Masquerade the session ID mechanism behind a registration/login UI (which seems a bit silly IMHO)
Oh, and about using a session ID that already exists: there is code in place to prevent that.
comment:6 by , 19 years ago
| Cc: | added |
|---|
comment:7 by , 19 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
Works for authenticated users, so I'm closing this ticket.
comment:8 by , 18 years ago
| Cc: | removed |
|---|
The session keys are a real pain in our lab environment where users move from computer to computer frequently. The screens for session handling errors are also extremely confusing to the users. Why is this information not stored on the server in the first place? I wouldn't expect one's name or email address to change too frequently.