Kirby
Guest
offline
Right now it is not possible to distinguish a logged in user from a guest by just looking at the
Being able to distinguish a guest from a logged in user on the webserver level (or a reverse proxy in front of that) could be quite useful for applying different rules (like rate limits, challenges, etc.) partly based on the login status.
I therefore suggest to add a flag to the
Read more
Continue reading...
session cookie - if both cases it's just a random string.Being able to distinguish a guest from a logged in user on the webserver level (or a reverse proxy in front of that) could be quite useful for applying different rules (like rate limits, challenges, etc.) partly based on the login status.
I therefore suggest to add a flag to the
session cookie value (for example a prefix...Read more
Continue reading...