From fdd3d4d85ae7d6659b4d26fb03391c397b1b1a80 Mon Sep 17 00:00:00 2001
From: Kenneth Reitz <me@kennethreitz.org>
Date: Thu, 18 Oct 2018 10:25:19 -0700
Subject: [PATCH] sessions

---
 docs/source/tour.rst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/source/tour.rst b/docs/source/tour.rst
index 63058cf..e2e01e1 100644
--- a/docs/source/tour.rst
+++ b/docs/source/tour.rst
@@ -169,6 +169,11 @@ Responder has built-in support for cookie-based sessions. To enable cookie-based
 
 A cookie called ``Responder-Session`` will be set, which contains all the data in ``resp.session``. It is signed, for verification purposes.
 
+You can easily read a Request's session data, that can be trusted to have originated from the API::
+
+    >>> req.session
+    {'username': 'kennethreitz'}
+
 **Note**: if you are using this in production, you should pass the ``secret_key`` argument to ``API(...)``.