Signed Cookie-Based HTTP sessions for ASGI applications
Project description
asgi-sessions – Cookie-Based HTTP sessions for ASGI applications (Asyncio / Trio, / Curio)
Features
Supports base64 sessions
Supports JWT signed sessions
Supports Fernet encrypted sessions
Requirements
python >= 3.9
Installation
asgi-sessions should be installed using pip:
pip install asgi-sessions
To install optional JWT, Fernet support:
pip install asgi-sessions[jwt] pip install asgi-sessions[fernet]
Usage
Common ASGI applications:
from asgi_sessions import SessionMiddleware
async def my_app(scope, receive, send):
"""Read session and get the current user data from it or from request query."""
# The middleware puts a session into scope['session]
session = scope['session']
status, headers = 200, []
if scope['query_string']:
# Store any information inside the session
session['user'] = scope['query_string'].decode()
status, headers = 307, [(b"location", b"/")]
# Read a stored info from the session
user = (session.get('user') or 'anonymous').title().encode()
await send({"type": "http.response.start", "status": status, "headers": headers})
await send({"type": "http.response.body", "body": b"Hello %s" % user})
app = SessionMiddleware(my_app, session_type='jwt', secret_key="sessions-secret")
# http GET / -> Hello Anonymous
# http GET /?tom -> Hello Tom
# http GET / -> Hello Tom
As ASGI-Tools Internal middleware
from asgi_tools import App
from asgi_sessions import SessionMiddleware
app = App()
app.middleware(SessionMiddleware.setup(session_type='jwt', secret_key='SESSION-SECRET'))
@app.route('/')
async def index(request):
user = request.session.get('user', 'Anonymous')
return 'Hello %s' % user.title()
@app.route('/login/{user}')
async def login(request):
request.session['user'] = request.path_params.get('user', 'Anonymous')
return 'Done'
@app.route('/logout')
async def logout(request, *args):
del request.session['user']
return 'Done'
# http GET / -> Hello Anonymous
# http GET /login/tom -> Done
# http GET / -> Hello Tom
# http GET /logout -> Done
# http GET / -> Hello Anonymous
Options
from asgi_sessions import SessionMiddleware
app = SessionMiddleware(
# Your ASGI application
app,
# Session type (base64|jwt|fernet)
session_type="base64",
# Secret Key for the session (required for JWT/Fernet sessions)
secret_key=None,
# Cookie name to keep the session (optional)
cookie_name='session',
# Cookie max age (in seconds) (optional)
max_age=14 * 24 * 3600,
# Cookie samesite (optional) # Python 3.8+ only
samesite='lax',
# Cookie secure (https only) (optional)
secure=False,
)
Bug tracker
If you have any suggestions, bug reports or annoyances please report them to the issue tracker at https://github.com/klen/asgi-sessions/issues
Contributing
Development of the project happens at: https://github.com/klen/asgi-sessions
License
Licensed under a MIT license.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for asgi_sessions-1.2.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | cd57df5c58c897569754abeb10ad5e503c82985e3b52a7b6b693ff328eab157e |
|
MD5 | 9ac35e7a5db2a7de0a13e6146139e5d3 |
|
BLAKE2b-256 | ffc5f6ac8db56e8b78680d54521668752843121be0916fe44727d1924f44d90c |