Skip to main content
Help us improve Python packaging – donate today!

Add the 'pyramid' command to cubicweb-ctl

Project Description

Add the ‘pyramid’ command to cubicweb-ctl”.

This cube also add a CWSession entity type so that sessions can be stored in the database, which allows to run a Cubicweb instance without having to set up a session storage (like redis or memcache) solution.

However, for production systems, it is greatly advised to use such a storage solution for the sessions.

The handling of the sessions is made by pyramid (see the pyramid’s documentation on sessions for more details).

For example, to set up a redis based session storage, you need the pyramid-redis-session package, then you must configure pyramid to use this backend, by configuring the pyramid.ini file in the instance’s config directory (near the all-in-one.conf file):

[main]
cubicweb.defaults = no # we do not want to load the default cw session handling

cubicweb.auth.authtkt.session.secret = <secret1>
cubicweb.auth.authtkt.persistent.secret = <secret2>
cubicweb.auth.authtkt.session.secure = yes
cubicweb.auth.authtkt.persistent.secure = yes

redis.sessions.secret = <secret3>
redis.sessions.prefix = <my-app>:

redis.sessions.url = redis://localhost:6379/0

pyramid.includes =
        pyramid_redis_sessions
        pyramid_cubicweb.auth
        pyramid_cubicweb.login

See the documentation of Pyramid Cubicweb for more details.

Warning

If you want to be able to log in a CubicWeb application served by pyramid on a unsecured stream (typically when you start an instance in dev mode using a simple cubicweb-ctl pyramid -D -linfo myinstance), you must set cubicweb.auth.authtkt.session.secure to no.

Secrets

There are a number of secrets to configure in pyramid.ini. They should be different one from each other, as explained in Pyramid’s documentation.

For the record:

cubicweb.session.secret:
 This secret is used to encrypt the session’s data ID (data themselved are stored in the backend, database or redis) when using the integrated (CWSession based) session data storage.
redis.session.secret:
 This secret is used to encrypt the session’s data ID (data themselved are stored in the backend, database or redis) when using redis as backend.
cubicweb.auth.authtkt.session.secret:
 This secret is used to encrypt the authentication cookie.
cubicweb.auth.authtkt.persistent.secret:
 This secret is used to encrypt the persistent authentication cookie.

Release history Release notifications

This version
History Node

0.5.0

History Node

0.4.0

History Node

0.3.2

History Node

0.3.1

History Node

0.3.0

History Node

0.2.0

History Node

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
cubicweb-pyramid-0.5.0.tar.gz (10.7 kB) Copy SHA256 hash SHA256 Source None Jan 3, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page