Implement signed cookie backend

On the suggestion of @edwintorok on the mailing list, implement a signed cookie backend that uses the client to store all session data. Verify that the session data hasn't been tampered with by signing the session data before sending it to the client. Examples of this include:
- [Secure Cookie](http://werkzeug.pocoo.org/docs/0.11/contrib/securecookie/) from Werkzeug;
- [Cookie-based sessions](https://docs.djangoproject.com/en/1.9/topics/http/sessions/#using-cookie-based-sessions) from Django;
- and the [itsdangerous](http://pythonhosted.org/itsdangerous/) Python library.

@tizoc also mentioned that he has implemented this and included the implementation in a [gist](https://gist.github.com/tizoc/975bfac960d7e5c60232), which could hopefully be the basis for the implementation of a secure cookie backend for this project.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Implement signed cookie backend #2

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Implement signed cookie backend #2

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions