wip some decisions

[cgi-auth-flexible.git] / DESIGN

diff --git a/DESIGN b/DESIGN
index 33ea59251590030bb634021edb4cb0bcf0922955..247546dfebec94bb2c54581de8e2ece8689baae8 100644 (file)
--- a/DESIGN
+++ b/DESIGN
@@ -40,3 +40,17 @@ app needs to check for logout button submission
   delete this login
     which mostly does what check does and then also deletes the
     assoc and the cookie
   delete this login
     which mostly does what check does and then also deletes the
     assoc and the cookie

+
+
+
+----------------------------------------
+
+DECISONS
+clearing cookies does log out?
+no persistent cookie?
+allow read-only post/get distinction?
+
+does not support persistent cookie, as that needs two db entries etc.
+ two cookies complicated api
+
+clearing cookies always logs out