Tue May 15 20:13:25 CEST 2012
Ok - thanks for the quick response!
On Tue, May 15, 2012 at 12:10 PM, Loïc Hoguin <essen@REDACTED> wrote:
> On login, make the server generate an UUID, associate that UUID with the
> logged in user, and set it as the cookie you will use to identify the user.
> Then just compare that cookie with your list of logged in users to find who
> it is.
> It should already be a good start.
> On 05/15/2012 08:03 PM, Wes James wrote:
>> I'm using cowboy for an application and I'm setting a simple cookie with
>> an expire to log users out after a certain time. Using a simple cookie
>> seams like it is not secure, though. As someone could read the code and
>> set the cookie in their browser and then get access to the site, right?
>> Are there any examples of securely using cookies in cowboy or some
>> other erlang app/framework that shows how cookies are used? I guess
>> some random time based cookie might work better.
>> erlang-questions mailing list
> Loďc Hoguin
> Erlang Cowboy
> Nine Nines
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the erlang-questions