Closed dhasegan closed 9 years ago
I think supporting browsers that don't support cookies would be really complicated and ugly. Sessions work by keeping all data on the server hashed by a "session ID" and then storing the "session ID" as a cookie in the client. I would suppose it has a dict like: { "session_id_1": {"key1": val1, "key2": val2 ...} , "session_id_2": {"some_key": some_val} }
But since HTTP is stateless, it has to store data on the client no matter what (with sessions it stores only the session id, which it then receives with every request). The only way I can think of doing this without using cookies is by storing things on some hidden DOM object that can be found on every page. But it feels really ugly. Plus, we're also using cookies to store the login status of users. If we change that we'd have to change the way people log in and do it all "manually".
On Sun, Dec 7, 2014 at 1:30 AM, Daniel Hasegan notifications@github.com wrote:
We may also have to take care of browsers that dont use cookies at all. I am not sure how django sessions would work on those but we should at least investigate it.
— Reply to this email directly or view it on GitHub https://github.com/dhasegan/connect.academy/issues/199.
Yeah, actually fuck this. Too much work for not that much gain.
We may also have to take care of browsers that dont use cookies at all. I am not sure how django sessions would work on those but we should at least investigate it.