Community mailing list archives

community@mail.odoo.com

Re: Understanding Session to handle the login of the user

by
Danimar Ribeiro
- 07/29/2015 08:25:31
Are you completely sure that Odoo is regenerating the cookie?

Everytime I clear the browser cookie it ask me to login again.

If that is true you found a security flaw.

2015-07-29 4:43 GMT-03:00 Devang Pipaliya <pipaliyadevang@gmail.com>:
Hello everyone,

This is about openerp-v7.

Can anyone help to under stand the "session_context" and "session_gc"? https://github.com/odoo/odoo/blob/7.0/addons/web/http.py#L388 &
https://github.com/odoo/odoo/blob/7.0/addons/web/http.py#L447
What is the role of them? How the odoo is selecting the session and making it as an active one? What I understood till now is; Odoo is using the werkzeug lib is saving the sessions in the files under temp directory. But I am still confuse how the Odoo is taking a session from list of multiple sessions stored in multiple files from this temp directory. Even though we have cleared the cookies, Odoo is taking the session and regenerating the cookies from here. Can any one guide me on this please? It would be a great help. -- Thanks & Regards, Devang H. Pipaliya,

​--
Regards,
 
--
 
Devang Pipaliya
 
​" Have a nice rest of the remaining day ! "​​ 

_______________________________________________
Mailing-List: https://www.odoo.com/groups/community-59
Post to: mailto:community@mail.odoo.com
Unsubscribe: https://www.odoo.com/groups?unsubscribe




--
Danimar Ribeiro