This module provides a lightweight but flexible session support for webapp2.
It has three built-in backends: secure cookies, memcache and datastore.
New backends can be added extending CustomBackendSessionFactory
.
The session store can provide multiple sessions using different keys,
even using different backends in the same request, through the method
SessionStore.get_session()
. By default it returns a session using the
default key from configuration.
webapp2_extras.sessions.
default_config
= {'cookie_args': {'max_age': None, 'domain': None, 'secure': None, 'httponly': False, 'path': '/'}, 'secret_key': None, 'cookie_name': 'session', 'session_max_age': None, 'backends': {'datastore': 'webapp2_extras.appengine.sessions_ndb.DatastoreSessionFactory', 'memcache': 'webapp2_extras.appengine.sessions_memcache.MemcacheSessionFactory', 'securecookie': <class 'webapp2_extras.sessions.SecureCookieSessionFactory'>}}¶Default configuration values for this module. Keys are:
Default keyword arguments used to set a cookie. Keys are:
SessionStore.get_session()
.webapp2_extras.sessions.
SessionStore
(request, config=None)[source]¶A session provider for a single request.
The session store can provide multiple sessions using different keys,
even using different backends in the same request, through the method
get_session()
. By default it returns a session using the default key.
To use, define a base handler that extends the dispatch() method to start the session store and save all sessions at the end of a request:
import webapp2
from webapp2_extras import sessions
class BaseHandler(webapp2.RequestHandler):
def dispatch(self):
# Get a session store for this request.
self.session_store = sessions.get_store(request=self.request)
try:
# Dispatch the request.
webapp2.RequestHandler.dispatch(self)
finally:
# Save all sessions.
self.session_store.save_sessions(self.response)
@webapp2.cached_property
def session(self):
# Returns a session using the default cookie key.
return self.session_store.get_session()
Then just use the session as a dictionary inside a handler:
# To set a value:
self.session['foo'] = 'bar'
# To get a value:
foo = self.session.get('foo')
A configuration dict can be passed to __init__()
, or the application
must be initialized with the secret_key
configuration defined. The
configuration is a simple dictionary:
config = {}
config['webapp2_extras.sessions'] = {
'secret_key': 'my-super-secret-key',
}
app = webapp2.WSGIApplication([
('/', HomeHandler),
], config=config)
Other configuration keys are optional.
__init__
(request, config=None)[source]¶Initializes the session store.
Parameters: |
|
---|
get_backend
(name)[source]¶Returns a configured session backend, importing it if needed.
Parameters: | name – The backend keyword. |
---|---|
Returns: | A BaseSessionFactory subclass. |
get_session
(name=None, max_age=<object object>, factory=None, backend='securecookie')[source]¶Returns a session for a given name. If the session doesn’t exist, a new session is returned.
Parameters: |
|
---|---|
Returns: | A dictionary-like session object. |
webapp2_extras.sessions.
SessionDict
(container, data=None, new=False)[source]¶A dictionary for session data.
add_flash
(value, level=None, key='_flash')[source]¶Adds a flash message. Flash messages are deleted when first read.
Parameters: |
|
---|
webapp2_extras.sessions.
SecureCookieSessionFactory
(name, session_store)[source]¶A session factory that stores data serialized in a signed cookie.
Signed cookies can’t be forged because the HMAC signature won’t match.
This is the default factory passed as the factory keyword to
SessionStore.get_session()
.
Warning
The values stored in a signed cookie will be visible in the cookie, so do not use secure cookie sessions if you need to store data that can’t be visible to users. For this, use datastore or memcache sessions.
webapp2_extras.sessions.
CustomBackendSessionFactory
(name, session_store)[source]¶Base class for sessions that use custom backends, e.g., memcache.
webapp2_extras.sessions.
get_store
(factory=<class 'webapp2_extras.sessions.SessionStore'>, key='webapp2_extras.sessions.SessionStore', request=None)[source]¶Returns an instance of SessionStore
from the request registry.
It’ll try to get it from the current request registry, and if it is not registered it’ll be instantiated and registered. A second call to this function will return the same instance.
Parameters: |
|
---|
webapp2_extras.sessions.
set_store
(store, key='webapp2_extras.sessions.SessionStore', request=None)[source]¶Sets an instance of SessionStore
in the request registry.
Parameters: |
|
---|