Contents
Quixote is a Python Web application framework. It comes with an in-memory session manager, which works but is incompatible with multi-process servers (SCGI, CGI, etc). It also forgets the sessions when the Publisher quits. Session3 solves these problems by providing a new session manager class and a simple back-end storage API. Session3 is based upon the previous Session2 code (for, unsurprisingly, Quixote 2).
back-end for use with Quixote 3.0.0 (also see Road-map below, for later version notes):-
Store each pickled session in a file in the designated directory. The filename is the session ID. Uses fcntl file locking.
DirectorySessionStore(directory)
This package includes a refactored SessionManager that makes it easy to develop additional back ends, and a simplified Session class (no .is_dirty method). It supports the usual .user, .set_user() and .has_info() attributes, and you can also set your own attributes which will be saved.
It’s quite likely that the session stores can be adapted for use with other Web frameworks; let us know if you do this so we can link to you and / or include helpful code in the package.
Since Session2 was released a number of packages that were referred to in the documentation (and the source) have either ceased to exist or moved into maintenance mode and Session3 itself is solely for Python 3.
Quixote (at time of writing - January 2019) is at version 3.0.0 and Session3 works with that (stable) version.
Quixote 3.1.x has added BaseSessionManager and SessionStore classes requiring Session3 to be updated (the new Session3 version-number will reflect the Quixote version it works with).
Download the latest version here: http://www.file-away.co.uk/session3/dist/session3-3.0.0.tar.gz
Session3 can be installed via pip (pip3 install session3). Alternatively (or if you also want the documentation) download and unpack the tar.gz file, and install the normal Python way (python3 setup.py install). Note that Session3 requires Quixote 3.0.0 — this is also available in pip.
API documentation is available as is Literate Programming documentation — you’ll need to extract it from the tar.gz file.
You can read it on-line at: http://www.file-away.co.uk/session3/README.html
You need a store, a manager and then you need to tell Quixote’s publisher to use them both: in your create_publisher function, place the following code:
# create the session store. from session3.store.DirectorySessionStore import DirectorySessionStore from session3.SessionManager import SessionManager # create the session manager. store = DirectorySessionStore(path.expanduser(some_location), create=True) session_manager = SessionManager(store) # create the publisher. from quixote.publish import Publisher publisher = Publisher(..., session_manager.session_manager)
Each session store has different initialization requirements:1 see the API documentation or the literate programming documentation for more information.
All session stores have the following methods, which are called by the session manager:-
.load_session, .save_session, .delete_session, .has_session.
They also have these convenience methods:-
initializes the store.
deletes sessions that haven’t been modified for N minutes. This is meant for your application maintenance program; e.g., a daily cron job.
Return an iterable of (id, session) for all sessions in the store. This is for admin applications that want to browse the sessions. The DirectorySession will raise a NotImplementedError3.
All stores have .is_multiprocess_safe and .is_thread_safe attributes. An application can check these flags and abort if configured inappropriately. The flags are defined as follows:-
DirectorySessionStore is multiprocess safe because it uses fcntl file locking. This limits its use to POSIX. See the fcntl caution below. It may be thread safe because it always locks-unlocks within the same method, but we don’t know for sure so the attribute is false.1
session3 comes with an interactive web test application. To run the web demo, cd to the test/ directory in the application source and run:
$ test_session2.py directory
Point your web browser to http://localhost:8080/ and play around. You can use --host=hostname and --port=N to bind to a different hostname or port.
Press ctrl-C to quit the demo (or command-C on the Mac, or ctrl-Break on Windows).
On Mac OS X when using PTL, import fcntl before enabling PTL. Otherwise the import hook may load the deprecated FCNTL.py instead due to the Mac’s case-insensitive filesystem, which will cause errors down the road. This was supposedly fixed in Python 2.4, which doesn’t have FCNTL.py.
Note that only DirectorySessionStore is working for version 3.0
DictSession is especially useful for applications that may want to use Paste’s session middleware in the future, because it is dict-based. However, the migration for .user and .set_user() is not yet clear.
For the Session2 code, this was implemented but only for MySQL