wip

[cgi-auth-flexible.git] / DESIGN

diff --git a/DESIGN b/DESIGN
index 33ea59251590030bb634021edb4cb0bcf0922955..247546dfebec94bb2c54581de8e2ece8689baae8 100644 (file)
--- a/DESIGN
+++ b/DESIGN
@@ -40,3 +40,17 @@ app needs to check for logout button submission
   delete this login
     which mostly does what check does and then also deletes the
     assoc and the cookie
+
+
+
+----------------------------------------
+
+DECISONS
+clearing cookies does log out?
+no persistent cookie?
+allow read-only post/get distinction?
+
+does not support persistent cookie, as that needs two db entries etc.
+ two cookies complicated api
+
+clearing cookies always logs out