Skip to main content

sessions for aiohttp.web

Project description

aiohttp_session

The library provides sessions for aiohttp.web.

Usage

The library allows to store user-specific data into session object.

The session object has dict-like interface (operations like session[key] = value, value = session[key] etc. are present).

Before processing session in web-handler you have to register session middleware in aiohttp.web.Application.

A trivial usage example:

import asyncio
import time
import base64
from cryptography import fernet
from aiohttp import web
from aiohttp_session import setup, get_session, session_middleware
from aiohttp_session.cookie_storage import EncryptedCookieStorage

async def handler(request):
    session = await get_session(request)
    last_visit = session['last_visit'] if 'last_visit' in session else None
    text = 'Last visited: {}'.format(last_visit)
    return web.Response(body=text.encode('utf-8'))

def make_app():
    app = web.Application()
    # secret_key must be 32 url-safe base64-encoded bytes
    fernet_key = fernet.Fernet.generate_key()
    secret_key = base64.urlsafe_b64decode(fernet_key)
    setup(app, EncryptedCookieStorage(secret_key))
    app.router.add_route('GET', '/', handler)
    return app

web.run_app(make_app())

All storages uses HTTP Cookie named AIOHTTP_COOKIE_SESSION for storing data.

Available session storages are:

  • aiohttp_session.SimpleCookieStorage() – keeps session data as plain JSON string in cookie body. Use the storage only for testing purposes, it’s very non-secure.

  • aiohttp_session.cookie_storage.EncryptedCookieStorage(secret_key) – stores session data into cookies as SimpleCookieStorage but encodes it via AES cipher. secrect_key is a bytes key for AES encryption/decryption, the length should be 32 bytes.

    Requires cryptography library:

    $ pip install aiohttp_session[secure]
  • aiohttp_session.redis_storage.RedisStorage(redis_pool) – stores JSON-ed data into redis, keepeng into cookie only redis key (random UUID). redis_pool is aioredis pool object, created by yield from aioredis.create_pool(...) call.

    Requires aioredis library:

    $ pip install aiohttp_session[aioredis]

License

aiohttp_session is offered under the Apache 2 license.

Changes

0.7.0 (2016-09-24)

  • Fix tests to be compatible with aiohttp upstream API for client cookies

0.6.0 (2016-09-08)

  • Add expires field automatically to support older browsers #43

  • Respect session.max_age in redis storage #45

  • Always pass default max_age from storage into session #45

0.5.0 (2016-02-21)

  • Handle cryptography.fernet.InvalidToken exception by providing an empty session #29

0.4.0 (2016-01-06)

  • Add optional NaCl encrypted storage #20

  • Relax EncryptedCookieStorage to accept base64 encoded string, e.g. generated by Fernet.generate_key.

  • Add setup() function

  • Save the session even on exception in the middleware chain

0.3.0 (2015-11-20)

  • Reflect aiohttp changes: minimum required Python version is 3.4.1

  • Use explicit ‘aiohttp_session’ package

0.2.0 (2015-09-07)

  • Add session.created property #14

  • Replaced PyCrypto with crypthography library #16

0.1.2 (2015-08-07)

  • Add manifest file #15

0.1.1 (2015-04-20)

  • Fix #7: stop cookie name growing each time session is saved

0.1.0 (2015-04-13)

  • First public release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aiohttp_session-0.7.0.tar.gz (91.5 kB view details)

Uploaded Source

Built Distribution

aiohttp_session-0.7.0-py3-none-any.whl (10.2 kB view details)

Uploaded Python 3

File details

Details for the file aiohttp_session-0.7.0.tar.gz.

File metadata

File hashes

Hashes for aiohttp_session-0.7.0.tar.gz
Algorithm Hash digest
SHA256 f8bfc3d1a96c3d8d45ecfe54bc40e5238fe42f59d775abd0f504f119a8333b98
MD5 b68ece0dff8215b7ea34112bd70b9355
BLAKE2b-256 d4c840fb3f02c3ce4bd5b21d5b5c056e31b453502ed61fecfee6c3d4f553edb9

See more details on using hashes here.

Provenance

File details

Details for the file aiohttp_session-0.7.0-py3-none-any.whl.

File metadata

File hashes

Hashes for aiohttp_session-0.7.0-py3-none-any.whl
Algorithm Hash digest
SHA256 bda116915751db9bb5e17b497f567e4588074217af89ae1c173ce20804423295
MD5 ce118877bb6362d19cf25fe8388978ef
BLAKE2b-256 795a840143176fde239bddab14ffa58fcbe2796a6dbdc5393a6afb5c6055035d

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page