Good Morning,
I have been having some trouble and I am hoping some one will be able to help me out a bit here. What I am trying to do is access the Flask Session within a Gevent Socket-IO Name space.
I have tried to use beaker as a middle ware client and I am still unable to access & update the session information from within a socket-io name space.
I am pretty new to all of this so any help would be greatly appreciated .
With the default Flask session, it seems possible to share (with read-only access) the session data at the time the namespace is initialized.
session_dict=dict(session)
socketio_manage(request.environ, {'/news': NewsNamespace}, request=session_dict)
session_dict is then accessible as self.request in the namespace. This is a hack, but Flask/werkzeug sessions don't seem to work outside the request context anyway.
I put a session ID (randomly-generated uuid) in the Flask session. Then, both Flask views and the namespace both know the session ID, and both can read/write data in a server-side session in Redis or some other datastore, with session ID as the key.
This is just the solution I'm using for sharing sessions between Flask and gevent-socketio; I haven't tried Beaker and am not sure what specific issues you've had in using that, or if there's a better solution.
Related
I was playing around with storing session ids for anonymous users in django models using django.contrib.sessions.models and tested all browsers on my machine creating different keys sometimes based on the real and incognito sessions.
I followed it up by deleting my database and creating a new one as part of my tests and development emptying out all tables.
I am noticing now that when I revisit the site from the same computer/browser, django does NOT create and store a new session id even though the table is empty which means that the server is storing the information that I previously visited the site as an anon user somewhere other than the django_sessions table.
I tested clearing out my cookies and history but that did not help. Does anyone know where that information is stored, why, and how can I reset it? This is an issue mainly because I am using the session id as foreignkey and if i do end up deleting the database after deployment for any reason, i dont want the program to not work properly.
Using python 3.8 and django 3.0.2
Thanks.
Using session.clear() doesn’t clear the cookies upon logout. Caching has been turned off. NO GLOBALS are being used anywhere.
It’s totally random when it happens. Just clicking around the site normally (always GET requests) and somehow users are ending up as other users.
SESSION_COOKIE_SAMESITE='Lax'
SESSION_TYPE = 'filesystem'
Cloudflare is on but do they even cache cookies?
We’re also using blueprints.
Any ideas where to look?
We added a check to flask_session to make sure the session data and cookie data are aligned before setting. This seems to have fixed the issue.
Django version is - 1.10.5 Python 2.7.10
I'm beginner in Django. Assistance required.
What i have done so far:-
1) I have already passing successfully local or session variables between HTML pages.
My Questions are:-
1) Do i need to specify anything in HTML or Django to access local or session storage variables?
2) How do i get that local or session variables in my views.py?
3) Without models can i do this? because i don't want anything to store in database.
Thanks in Advance
LocalStorage is client storage in your browser. Your *.py files will be executed in server. So you can not access them directly. You can save them as cookie, or put them to server via ajax request.
I have an app using DB as session backend, and I realize that Django allows a Memcached-like (memcached, ElastiCache) session backend.
Reading the doc at Django site, I found the setting file can specify that change. My question is whether my view logic code files need any change.
No. You shouldn't have to change anything. If you deploy the code on a live site, active sessions will be lost (all users will be logged out).
I've written a django application, and put it on a CentOS server. It is definitely okay when I use django development web server.
Such as I start it by "python ./manage.py runserver", and access that server from browser on another computer. I can sign in one time, and access all the pages without issues.
However when I run it with apache+mod_wsgi, I just found I have to login with user and password time by time. I think maybe there is some problem with the session middleware, so, how can I find the root cause and fix it?
There are a couple of different options for this.
In order of likelyhood (imho):
The session backend uses the cache system to store the sessions and you're using the locmem cache backend
The session backend isn't storing the cookies (secure cookies enabled? cookie timeouts? incorrect date on the server?)
The session middleware might not be loaded (custom settings for production server?)
Storing the session in the cache is only a good solution if you use memcached as the cache backend. So if you're storing the sessions in cache, make sure you use memcache :)
Either way, check if SESSION_ENGINE is set to django.contrib.sessions.backends.db