What about remembering that user was logined (into cookies)?

[Sagrer]

If i login into trac, then close my browser, then open it again and visit any page of trac - i see that i must visit login page again, write login&pass... why not to add a checkbox "remember me" (for a week for example) into login page?

[jhahn@…]

I was looking for the same functionality and hacked it in to my version of 0.10. Unfortunately, there's a change required in the trac.web.auth module, outside of the scope of AccountManagerPlugin. In ​trac/web/auth.py there is a function _do_login in which the cookie is set. I added the following at the end of the function (after the other two outcookie lines).

if req.args.get('remember'):
  req.outcookie['trac_auth']['expires'] = 86400

Keep the whitespace consistent, of course, and the number is just the number of seconds before expiration. With this, the cookies have a lifetime of one day. The other half of the hack is in the AccountManagerPlugin 0.10 branch, under source:0.10/acct_mgr/templates/login.cs.

Before the Login submit input at line 27, I added:

  <div>
   <input type="checkbox" id="remember" name="remember" />
   <label for="remember">Remember me for the day</label>
  </div>

That adds the checkbox and req data. I rebuilt the AccountManager egg, tossed it into my trac/plugins dir, and restarted the web server (to apply the change to trac.web.auth). Worked like a charm.

I'm not going to bother implementing this since trac.web.auth is outside of the scope of this source tree. I'll leave that to someone feeling slightly more ambitious.

[Sagrer]

hm.... look this #131

i don't know why i had not seen this first time... but a patch for plugin is exists, as i understand it works without patching source of track, only plugin's sour

[jhahn@…]

For what it's worth, I went looking and missed that too. I thought the _do_login in AccountManager looked suspiciously capable of handling the change, but it didn't occur to me that I could just add the modifications to outcookie there to the returned value. It makes sense now looking at that diff file.

Strangely, they seem to make changes to _do_logout, but I haven't seen any problems with logging out.

Oh well, I'll stand by my mistake. It was more fun hacking up the source.

[rupert thurner]

of #131.