views:

72

answers:

2

I have a django blog project and a chat in PHP.

I need to share the id of the user logged in django ( request.user.id ) with the chat in PHP.

Is this possible ?

+2  A: 

I don't think using sessions in this way is a good idea, since they're designed to keep data temporarily for a certain user in an application. It might be a better idea to store the id in a cookie and read that in the chat, or pass a variable in the link.

Arda Xi
If I save the user id in the cookies then some lamers ( or hacker ) can edit it and chatting with another username and another friendslist ( because for every user id there are a certain friendlist ).
xRobot
Of course you'd need to include some kind of hash to make sure it's legit. The same thing can happen with sessions by the way. Something like `md5($userid."salt".time())` will work, then check that later, include the IP of the user if you wish.
Arda Xi
+2  A: 

You could use HTTP authentication for this. As long as both applications are on the same domain and the realm name (sent in the WWW-Authenticate header) is the same for both, once a use logs into one or the other application, the REMOTE_USER variable will be available to both and will contain the username of the person logged in.

AdmiralNemo
That would work, but for most people HTTP authentication will be out of place compared to the usual HTML form auth.
Arda Xi