Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Add the 'pyramid' command to cubicweb-ctl

Project Description

Add the ‘pyramid’ command to cubicweb-ctl”.

This cube also add a CWSession entity type so that sessions can be stored in the database, which allows to run a Cubicweb instance without having to set up a session storage (like redis or memcache) solution.

However, for production systems, it is greatly advised to use such a storage solution for the sessions.

The handling of the sessions is made by pyramid (see the pyramid’s documentation on sessions for more details).

For example, to set up a redis based session storage, you need the pyramid-redis-session package, then you must configure pyramid to use this backend, by configuring the pyramid.ini file in the instance’s config directory (near the all-in-one.conf file):

[main]
cubicweb.defaults = no # we do not want to load the default cw session handling

cubicweb.auth.authtkt.session.secret = <secret1>
cubicweb.auth.authtkt.persistent.secret = <secret2>
cubicweb.auth.authtkt.session.secure = yes
cubicweb.auth.authtkt.persistent.secure = yes

redis.sessions.secret = <secret3>
redis.sessions.prefix = <my-app>:

redis.sessions.url = redis://localhost:6379/0

pyramid.includes =
        pyramid_redis_sessions
        pyramid_cubicweb.auth
        pyramid_cubicweb.login

See the documentation of Pyramid Cubicweb for more details.

Warning

If you want to be able to log in a CubicWeb application served by pyramid on a unsecured stream (typically when you start an instance in dev mode using a simple cubicweb-ctl pyramid -D -linfo myinstance), you must set cubicweb.auth.authtkt.session.secure to no.

Secrets

There are a number of secrets to configure in pyramid.ini. They should be different one from each other, as explained in Pyramid’s documentation.

For the record:

cubicweb.session.secret:
 This secret is used to encrypt the session’s data ID (data themselved are stored in the backend, database or redis) when using the integrated (CWSession based) session data storage.
redis.session.secret:
 This secret is used to encrypt the session’s data ID (data themselved are stored in the backend, database or redis) when using redis as backend.
cubicweb.auth.authtkt.session.secret:
 This secret is used to encrypt the authentication cookie.
cubicweb.auth.authtkt.persistent.secret:
 This secret is used to encrypt the persistent authentication cookie.
Release History

Release History

This version
History Node

0.5.0

History Node

0.4.0

History Node

0.3.2

History Node

0.3.1

History Node

0.3.0

History Node

0.2.0

History Node

0.1.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
cubicweb-pyramid-0.5.0.tar.gz (10.7 kB) Copy SHA256 Checksum SHA256 Source Jan 3, 2017

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting