Original comment bySimon Maurer (Bitbucket: moiri, GitHub: moiri)
It might be interesting to rethink when to use the session and when to use post fields.
When using post fields it would make sense to serialize the data and send it in one encrypted field rather than cleartext.
Originally reported by Simon Maurer (Bitbucket: moiri, GitHub: moiri)
It would probably make sense to manage the user id at some sensible place.
Once a login is available there will for sure be a login page but right now it might make sense to move this to the page class.