Adds server-side session support to your Quart application
Quart-Session is an extension for Quart that adds support for server-side sessions to your application.
Based on flask-session.
Quart-Session can be installed via pipenv or pip,
$ pipenv install quart-session $ pip install quart-session
and requires Python 3.7.0 or higher. A fairly minimal Quart-Session example is,
from quart import Quart, session from quart_session import Session app = Quart(__name__) app.config['SESSION_TYPE'] = 'redis' Session(app) @app.route('/') async def hello(): session["foo"] = "bar" return 'hello' app.run()
app = Quart(__name__) app.config['SESSION_TYPE'] = 'redis' Session(app)
If you already have a
aioredis.Client instance and you'd like to share
it with the session interface,
app = Quart(__name__) app.config['SESSION_TYPE'] = 'redis' @app.before_serving async def setup(): cache = await aioredis.create_redis_pool(...) app.config['SESSION_REDIS'] = cache Session(app)
By default, Quart-session creates a single connection to Redis, while the example above sets up a connection pool.
from quart_trio import QuartTrio from quart_session.redis_trio.client import RedisTrio app = QuartTrio(__name__) app.config['SESSION_TYPE'] = 'redis' Session(app)
app = Quart(__name__) app.config['SESSION_TYPE'] = 'memcached' Session(app)
JSON as session data allows for greater interoperability with other programs/languages that might want to read session data straight from a back-end.
for some unholy reason you prefer
pickle or your own serializer,
app = Quart(__name__) app.config['SESSION_TYPE'] = 'redis' Session(app) try: import cPickle as pickle except ImportError: import pickle app.session_interface.serialize = pickle
At any point you may interface with the session back-end directly:
@app.route("/") async def hello(): cache = app.session_interface await cache.set("random_key", "val", expiry=3600) data = await cache.get("random_key")
The interface will have the
delete methods available (regardless of
back-end - similar to how aiocache works).
flask-session sets a session for each incoming request, including static files. From experience, this often puts unneeded load on underlying session infrastructure, especially in high-traffic environments.
Quart-Session only contacts the back-end when a session changed (or created). In addition,
static file serves never emit a
Set-Cookie header. If you'd like to enable
this though, set
Associates an user's session to his/her IP address. This mitigates cookie stealing via XSS etc, and is handy for web applications that require extra security.
app = Quart(__name__) app.config['SESSION_TYPE'] = 'redis' app.config['SESSION_PROTECTION'] = True Session(app)
Session reuse from a different IP will now result in the creation of a new session, and the deletion of the old.
Important: If your application is behind a reverse proxy, it most
likely provides the
X-Forwarded-For header which you must make use of
by explicitly setting
This library works very similarly to flask-session. The changes are specified below:
- Quart-Session does not emit a
Set-Cookieon every request.
- Quart-Session does not emit a
Set-Cookieon static file serves.
- Quart-Session uses a different serializer:
- Quart-Session disallows the client to supply their own made up
- Quart-Session can do session protection.
- Quart-Session might not have all the back-end interfaces implemented (yet), such as "filesystem".
Find the Quart folk on gitter or open an issue.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size Quart-Session-1.0.0.tar.gz (11.9 kB)||File type Source||Python version None||Upload date||Hashes View hashes|