- When deleting users or session, you must delete corresponding tokens and
	sessions. Please read MySQL database section from README. Also check
	caching section.

- Caching can be turned on/off in cfg.py. Check caching section in the
	README. It's important to understand consequences of caching.

- Check your "user" dtmls for input validation. Check "Security: important
	note" in README.

- You can disable session logging using SESSION_LOG variable in cfg.py
	Session logging is still experimental.
	In the same file you can set session and user cookie timeout/life.

- If you set COOKIE_USE_REALM in cfg.py to true, cookie names will include
	realm which prevents user folders using different realms to overwrite
	cookies not belonging to them. If you enable this, realm names must not
	contain characters that are not valid in cookie names !

- You can change the name of the REQUEST field that contain remote address in
	cfg.py (REQUEST_RADDR_FIELD).

- If sizes of fields in the Users table are changed, corresponding options 
	in cfg.py need to be changed.


