Skip to content

etsuko-io/aiohttp-session

5 Branches29 Tags
This branch is 453 commits behind aio-libs/aiohttp-session:master.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

dependabot-preview[bot]dependabot-preview[bot]
Bump pytest-cov from 2.10.0 to 2.10.1
Aug 17, 2020
eba83cb · Aug 17, 2020

History

507 Commits
aiohttp_session
aiohttp_session
Jan 30, 2020
demo
demo
May 12, 2018
docs
docs
Oct 26, 2019
examples
examples
Sep 14, 2019
tests
tests
Oct 26, 2019
.coveragerc
.coveragerc
Jan 19, 2015
.gitignore
.gitignore
Feb 12, 2018
.pyup.yml
.pyup.yml
Sep 17, 2017
.travis.yml
.travis.yml
Oct 12, 2018
CHANGES.txt
CHANGES.txt
Nov 4, 2019
LICENSE
LICENSE
Jan 3, 2018
MANIFEST.in
MANIFEST.in
Aug 7, 2015
Makefile
Makefile
Aug 3, 2016
README.rst
README.rst
May 30, 2019
pytest.ini
pytest.ini
Feb 12, 2018
requirements-dev.txt
requirements-dev.txt
Aug 17, 2020
setup.py
setup.py
Sep 12, 2018

Repository files navigation

aiohttp_session

https://travis-ci.com/aio-libs/aiohttp-session.svg?branch=master https://codecov.io/github/aio-libs/aiohttp-session/coverage.svg?branch=master https://readthedocs.org/projects/aiohttp-session/badge/?version=latest

The library provides sessions for aiohttp.web.

Usage

The library allows us to store user-specific data into a session object.

The session object has a dict-like interface (operations like session[key] = value, value = session[key] etc. are present).

Before processing the session in a web-handler, you have to register the session middleware in aiohttp.web.Application.

A trivial usage example:

import time
import base64
from cryptography import fernet
from aiohttp import web
from aiohttp_session import setup, get_session
from aiohttp_session.cookie_storage import EncryptedCookieStorage


async def handler(request):
    session = await get_session(request)
    last_visit = session['last_visit'] if 'last_visit' in session else None
    session['last_visit'] = time.time()
    text = 'Last visited: {}'.format(last_visit)
    return web.Response(text=text)


def make_app():
    app = web.Application()
    # secret_key must be 32 url-safe base64-encoded bytes
    fernet_key = fernet.Fernet.generate_key()
    secret_key = base64.urlsafe_b64decode(fernet_key)
    setup(app, EncryptedCookieStorage(secret_key))
    app.router.add_get('/', handler)
    return app


web.run_app(make_app())

All storages use an HTTP Cookie named AIOHTTP_SESSION for storing data. This can be modified by passing the keyword argument cookie_name to the storage class of your choice.

Available session storages are:

  • aiohttp_session.SimpleCookieStorage() -- keeps session data as a plain JSON string in the cookie body. Use the storage only for testing purposes, it's very non-secure.

  • aiohttp_session.cookie_storage.EncryptedCookieStorage(secret_key) -- stores the session data into a cookie as SimpleCookieStorage but encodes it via AES cipher. secrect_key is a bytes key for AES encryption/decryption, the length should be 32 bytes.

    Requires cryptography library:

    $ pip install aiohttp_session[secure]

  • aiohttp_session.redis_storage.RedisStorage(redis_pool) -- stores JSON encoded data in redis, keeping only the redis key (a random UUID) in the cookie. redis_pool is a aioredis pool object, created by await aioredis.create_redis_pool(...) call.

    Requires aioredis library (only versions 1.0+ are supported):

    $ pip install aiohttp_session[aioredis]

Developing

Install for local development:

$ pip install -r requirements-dev.txt

Run tests with:

$ pytest -sv tests/

Third party extensions

License

aiohttp_session is offered under the Apache 2 license.

About

Web sessions for aiohttp.web

aiohttp-session.readthedocs.io/

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

29 tags

Packages

No packages published

Languages

  • Python 98.9%
  • Makefile 1.1%