Skip to content
Commits on Jan 23, 2013
  1. Merge pull request #38 from girasquid/patch-1

    Update README.markdown
    committed Jan 22, 2013
Commits on Jan 14, 2013
  1. Merge pull request #36 from rjernst/master

    Fix for issue #31 (Can't run demo code in python2.7)
    committed Jan 14, 2013
Commits on Dec 31, 2012
  1. @girasquid

    Update README.markdown

    Fixed indentation in appengine_config.py sample
    girasquid committed Dec 30, 2012
Commits on Aug 11, 2012
  1. @rjernst
Commits on Sep 30, 2011
  1. Merge pull request #29 from mdornseif/master

    PEP8 compliance
    committed Sep 30, 2011
  2. @mdornseif

    PEP8 compliance

    mdornseif committed Sep 30, 2011
Commits on Jul 14, 2011
  1. Django fix: don't crash if the middleware's process_request() is skip…

    …ped (e.g., by some other middleware)
    committed Jul 14, 2011
Commits on Jul 3, 2011
  1. update README and docs to v1.07

    committed Jul 3, 2011
  2. make gae-sessions thread-safe

    Previously, a global variable was used to store the session associated with the
    current request.  This was sufficient in the past (and to date) but sometime in
    the future app engine is going to support threading.  The minor change
    introduced by this commit ensures that gae-sessions will continue to work
    properly even when being used by multiple threads.
    committed Jul 3, 2011
  3. bad data now generates a warning rather than raising an exception

    Bad data will result in an empty session being loaded.  Typically, this should
    only happen if the developer makes some changes to class names stored in old
    sessions (which can no longer be decoded as a result).
    committed Jul 3, 2011
  4. simplify set_current_session

    The caller can build their own Session object with minimal effort.
    committed Jul 3, 2011
  5. @darktable

    added set_current_session for situations where you manually create a …

    …session object and want it to be auto-managed by the middleware
    darktable committed with Jul 2, 2011
  6. @eliasnaur

    Added support for Django cache middleware.

    The gae-sessions middleware will set the Vary header in the response if
    the session has been accessed.
    eliasnaur committed with Feb 11, 2011
  7. Leave out expiry field from session cookies (Fixes session cookies on…

    … IE)
    Elias Naur committed with Jan 14, 2011
Commits on Dec 15, 2010
  1. @eliasnaur

    Added support for expiry time value 0, which means that the session c…

    …ookie will expire when the browser session ends.
    eliasnaur committed with Elias Naur Dec 15, 2010
Commits on Dec 12, 2010
  1. update README and docs to v1.06

    committed Dec 11, 2010
  2. fix: set memcache expiration time to session expiration time

      -- didn't set any expiration in the past, so it would remain in memcache until the session was terminated or memcache evicted it
    committed Dec 11, 2010
Commits on Oct 2, 2010
  1. update readme to describe new option to instruct the client browser t…

    …o only send cookies over SSL
    committed Oct 2, 2010
Commits on Sep 28, 2010
Commits on Sep 27, 2010
  1. update README and docs to v1.05

    committed Sep 27, 2010
  2. add new "SSL only" option which forces clients to ONLY send their coo…

    …kies over a secure channel by setting the "Secure" attribute on cookies
    
      -- this is not done by default; it is only done if the user explicitly passes ssl_only=True to Session.start()
    committed Sep 27, 2010
Commits on Aug 17, 2010
  1. update README and docs to v1.04

    committed Aug 16, 2010
  2. explicitly specify namespace for all datastore/memcache operations

      -- ensures session data is always stored and retrieved from the namespace '' (GAE 1.3.6 can set a different default namespace)
    committed Aug 16, 2010
Commits on Jul 24, 2010
  1. update README and docs to v1.03

    committed Jul 24, 2010
  2. compatability improvement: specify expiration times in GMT

      -- Internet Explorer discarded all cookies whose expirations were specified in PST when the browser was closed
      -- Internet Explorer now properly stores cookies (apparently it requires the time zone to be GMT)
    committed Jul 24, 2010
  3. security: specify HttpOnly as part of the cookie header

      -- instructs browsers to not allow JavaScript to access this cookie
      -- session cookies are only processed server-side, so this helps prevent some XSS attacks
    committed Jul 24, 2010
Commits on Jul 10, 2010
  1. update docs and demo to highlight a "gotcha" - don't dynamically gene…

    …rate your secret key or existing sessions will be invalidated every time your app runs!
    committed Jul 10, 2010
Commits on Jun 15, 2010
  1. update README and docs to v1.02

    committed Jun 15, 2010
  2. bug fix: db.delete() can only take up to 500 entities at a time

      -- old version could pass up to 1,000 entities (if that many existed in the datastore)
    committed Jun 15, 2010
Commits on May 25, 2010
Something went wrong with that request. Please try again.