# HG changeset patch
# User paulb
# Date 1211642513 0
# Node ID 8c54afdd38ce2e62e751f6200182122e3fc41309
# Parent  0b33f944b967b1a6c32f639ffc79adc122e90f1c
[project @ 2008-05-24 15:21:53 by paulb]
Added a note about accidental authentication token collisions.

diff -r 0b33f944b967 -r 8c54afdd38ce WebStack/Helpers/Auth.py
--- a/WebStack/Helpers/Auth.py	Thu May 01 21:46:34 2008 +0000
+++ b/WebStack/Helpers/Auth.py	Sat May 24 15:21:53 2008 +0000
@@ -18,6 +18,13 @@
 You should have received a copy of the GNU Lesser General Public
 License along with this library; if not, write to the Free Software
 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
+
+--------
+
+The authentication token produced in this module typically employs the username
+and a secret. If other things are added in addition to the username, it should
+not be possible to combine them in a way which causes "collisions" between
+distinct username-plus-extra-data inputs.
 """
 
 import base64