Skip to main content

Signed Cookie-Based HTTP sessions for Muffin framework

Project description

Muffin-Session – Cookie-Based HTTP sessions for Muffin framework

Tests Status PYPI Version Python Versions

Features

  • Supports base64 sessions

  • Supports JWT signed sessions

  • Supports Fernet encrypted sessions

Requirements

  • python >= 3.7

Installation

Muffin-Session should be installed using pip:

pip install muffin-session

Usage

  1. Use it manually

from muffin import Application, ResponseHTML
from muffin_session import Plugin as Session

# Create Muffin Application
app = Application('example')

# Initialize the plugin
# As alternative: session = Session(app, **options)
session = Session()
session.setup(app, secret_key='REALLY_SECRET_KEY_FOR_SIGN_YOUR_SESSIONS')

# Use it inside your handlers
@app.route('/update')
async def update_session(request):
    ses = session.load_from_request(request)
    ses['var'] = 'value'
    response = ResponseHTML('Session has been updated')
    session.save_to_response(ses, response)
    return res

@app.route('/load')
async def load_session(request):
    ses = session.load_from_request(request)
    return ses.get('var')
  1. Auto manage sessions (with middleware)

from muffin import Application, ResponseHTML
from muffin_session import Plugin as Session

# Create Muffin Application
app = Application('example')

# Initialize the plugin
# As alternative: session = Session(app, **options)
session = Session()
session.setup(app, secret_key='REALLY_SECRET_KEY_FOR_SIGN_YOUR_SESSIONS', auto_manage=True)

# Use it inside your handlers
@app.route('/update')
async def update_session(request):
    request.session['var'] = 'value'
    return 'Session has been updated'

@app.route('/load')
async def load_session(request):
    return request.session.get('var')

Options

Name

Default value

Description

session_type

"jwt"

Session type (base64|jwt|fernet)

secret_key

"InsecureSecret"

A secret code to sign sessions

auto_manage

False

Load/Save sessions automatically. Session will be loaded into request.session

cookie_name

"session"

Sessions’s cookie name (session)

cookie_params

Sessions’s cookie params ({'path': '/', 'max-age': None, 'samesite': 'lax', 'secure': False})

default_user_checker

lambda x: True

A function to check a logged user

login_url

"/login"

An URL to redirect anonymous users (it may be a function which accept Request and returns a string)

You are able to provide the options when you are initiliazing the plugin:

session.setup(app, secret_key='123455', cookie_name='info')

Or setup it inside Muffin.Application config using the SESSION_ prefix:

SESSION_SECRET_KEY = '123455'

SESSION_COOKIE_NAME = 'info'

Muffin.Application configuration options are case insensitive

Examples

from muffin import Application, ResponseHTML
from muffin_session import Plugin as Session

# Create Muffin Application
app = Application('example')

# Initialize the plugin
# As alternative: session = Session(app, **options)
session = Session()
session.setup(app, secret_key='REALLY_SECRET_KEY_FOR_SIGN_YOUR_SESSIONS', auto_manage=True)

@session.user_loader
async def load_user(ident):
    """Define your own user loader. """
    return await my_database_load_user_by_id(ident)

@app.register('/session')
async def get_session(request):
    """ Load session and return it as JSON. """
    return dict(request.session)

@app.register('/admin')
@session.user_pass(lambda user: user.is_admin)
async def admin(request):
    """Awailable for admins only. """
    return 'TOP SECRET'

@app.register('/login')
async def login(request):
    """Save user id into the current session. """
    # ...
    session.login(request, current_user.pk)
    return 'OK'

@app.register('/logout')
async def logout(request):
    """ Logout user. """
    # ...
    session.logout(request)
    return 'OK'

@app.register('/somewhere')
async def somewhere(request):
    """ Do something and leave a flash message """
    # ...
    request.session.clear()
    return 'OK'

Bug tracker

If you have any suggestions, bug reports or annoyances please report them to the issue tracker at https://github.com/klen/muffin-session/issues

Contributing

Development of Muffin-Session happens at: https://github.com/klen/muffin-session

Contributors

  • klen (Kirill Klenov)

License

Licensed under a MIT license.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

muffin-session-2.1.1.tar.gz (6.5 kB view details)

Uploaded Source

Built Distribution

muffin_session-2.1.1-py3-none-any.whl (6.4 kB view details)

Uploaded Python 3

File details

Details for the file muffin-session-2.1.1.tar.gz.

File metadata

  • Download URL: muffin-session-2.1.1.tar.gz
  • Upload date:
  • Size: 6.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.5.0 importlib_metadata/4.8.2 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.9.8

File hashes

Hashes for muffin-session-2.1.1.tar.gz
Algorithm Hash digest
SHA256 840e5f2e20559bc696db87762cd60f6d4347fd344cdc2b78a9ee017192f10f23
MD5 311229aff55f1aa52e9318657b80a849
BLAKE2b-256 a874689c1fbd3ca6ae42abf770c227d413624f8bbbdbd6e9a05b4d30af8dc9d5

See more details on using hashes here.

File details

Details for the file muffin_session-2.1.1-py3-none-any.whl.

File metadata

  • Download URL: muffin_session-2.1.1-py3-none-any.whl
  • Upload date:
  • Size: 6.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.5.0 importlib_metadata/4.8.2 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.9.8

File hashes

Hashes for muffin_session-2.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 a98cd7a94d2ec23c0d15bf7563e0b8890df7f26e3500d43e503954652f21f423
MD5 b03608def876f0a4088c5ce7b6ed85cd
BLAKE2b-256 e479a9eb20520d0f49cef315f89f3c36a9b0fa55f457aceba09b1c420aa444eb

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page