+ 1

How to create a login system for web application using Python CGI?

I'm creating a web app using Python CGI. I want to create a login page for my web app. Currently, I'm using cookies to manage login session (storing cookies at login, retrieving, cookies to display user information on web page and finally deleting cookies while logging out). But I feel that technique insecure as cookies are locally stored making it easily accessible to anyone and grab data from cookies. So, I need to know if there is any other technique to create a more secure login system or any another way to use cookies more securely?

19th Jan 2019, 2:01 PM
Shashank Shekhar
Shashank Shekhar - avatar
1 Resposta
+ 1
If it's just for the session use a temporary cook the auto delete when the user closes the browser And for the server part u close the session after 10min of idle automaticly. Thats a thigt window for xss attacks
25th Apr 2019, 7:35 AM
Lexfuturorum
Lexfuturorum - avatar