beaker.session – Session classes

Module Contents

class beaker.session.CookieSession(request, key='beaker.session.id', timeout=None, cookie_expires=True, cookie_domain=None, encrypt_key=None, validate_key=None, secure=False, httponly=False, **kwargs)

Pure cookie-based session

Options recognized when using cookie-based sessions are slightly more restricted than general sessions.

key

The name the cookie should be set to.

timeout

How long session data is considered valid. This is used regardless of the cookie being present or not to determine whether session data is still valid.

encrypt_key

The key to use for the session encryption, if not provided the session will not be encrypted.

validate_key

The key used to sign the encrypted session

cookie_domain

Domain to use for the cookie.

secure

Whether or not the cookie should only be sent over SSL.

httponly

Whether or not the cookie should only be accessible by the browser not by JavaScript.

save(accessed_only=False)

Saves the data for this session to persistent storage

expire()

Delete the ‘expires’ attribute on this Session, if any.

delete()

Delete the cookie, and clear the session

invalidate()

Clear the contents and start a new session

class beaker.session.Session(request, id=None, invalidate_corrupt=False, use_cookies=True, type=None, data_dir=None, key='beaker.session.id', timeout=None, cookie_expires=True, cookie_domain=None, secret=None, secure=False, namespace_class=None, httponly=False, **namespace_args)

Session object that uses container package for storage.

key

The name the cookie should be set to.

timeout

How long session data is considered valid. This is used regardless of the cookie being present or not to determine whether session data is still valid.

cookie_domain

Domain to use for the cookie.

secure

Whether or not the cookie should only be sent over SSL.

httponly

Whether or not the cookie should only be accessible by the browser not by JavaScript.

save(accessed_only=False)

Saves the data for this session to persistent storage

If accessed_only is True, then only the original data loaded at the beginning of the request will be saved, with the updated last accessed time.

revert()

Revert the session to its original state from its first access in the request

lock()

Locks this session against other processes/threads. This is automatic when load/save is called.

*use with caution* and always with a corresponding ‘unlock’ inside a “finally:” block, as a stray lock typically cannot be unlocked without shutting down the whole application.

unlock()

Unlocks this session against other processes/threads. This is automatic when load/save is called.

*use with caution* and always within a “finally:” block, as a stray lock typically cannot be unlocked without shutting down the whole application.

delete()

Deletes the session from the persistent storage, and sends an expired cookie out

invalidate()

Invalidates this session, creates a new session id, returns to the is_new state

class beaker.session.SessionObject(environ, **params)

Session proxy/lazy creator

This object proxies access to the actual session object, so that in the case that the session hasn’t been used before, it will be setup. This avoid creating and loading the session from persistent storage unless its actually used during the request.

persist()

Persist the session to the storage

If its set to autosave, then the entire session will be saved regardless of if save() has been called. Otherwise, just the accessed time will be updated if save() was not called, or the session will be saved if save() was called.

get_by_id(id)

Loads a session given a session ID

accessed()

Returns whether or not the session has been accessed

class beaker.session.SignedCookie(secret, input=None)

Extends python cookie to give digital signature support