Skip to main content

Add the 'pyramid' command to cubicweb-ctl

Project description

Add the ‘pyramid’ command to cubicweb-ctl”.

This cube also add a CWSession entity type so that sessions can be stored in the database, which allows to run a Cubicweb instance without having to set up a session storage (like redis or memcache) solution.

However, for production systems, it is greatly advised to use such a storage solution for the sessions.

The handling of the sessions is made by pyramid (see the pyramid’s documentation on sessions for more details).

For example, to set up a redis based session storage, you need the pyramid-redis-session package, then you must configure pyramid to use this backend, by configuring the pyramid.ini file in the instance’s config directory (near the all-in-one.conf file):

[main]
cubicweb.defaults = no # we do not want to load the default cw session handling

cubicweb.auth.authtkt.session.secret = <secret1>
cubicweb.auth.authtkt.persistent.secret = <secret2>
cubicweb.auth.authtkt.session.secure = yes
cubicweb.auth.authtkt.persistent.secure = yes

redis.sessions.secret = <secret3>
redis.sessions.prefix = <my-app>:

redis.sessions.url = redis://localhost:6379/0

pyramid.includes =
        pyramid_redis_sessions
        pyramid_cubicweb.auth
        pyramid_cubicweb.login

See the documentation of Pyramid Cubicweb for more details.

Secrets

There are a number of secrets to configure in pyramid.ini. They should be different one from each other, as explained in Pyramid’s documentation.

For the record:

cubicweb.session.secret:

This secret is used to encrypt the session’s data ID (data themselved are stored in the backend, database or redis) when using the integrated (CWSession based) session data storage.

redis.session.secret:

This secret is used to encrypt the session’s data ID (data themselved are stored in the backend, database or redis) when using redis as backend.

cubicweb.auth.authtkt.session.secret:

This secret is used to encrypt the authentication cookie.

cubicweb.auth.authtkt.persistent.secret:

This secret is used to encrypt the persistent authentication cookie.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cubicweb-pyramid-0.5.0.tar.gz (10.7 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page