Session management for hyperdiv
Project description
Hyperdiv Session
Adds session support to Hyperdiv. This essential plugin enables Hyperdiv users to create authorization flows, persist data across browser sessions, and support multiple users.
Getting Started
```
pip install hyperdiv-session
```
- Import this plugin: `from hyperdiv_session import session`.
- Initialize this plugin and provide the `secret` string for cookie signing to work.
- Handle non-authenticated state, create new session after authentication, persist sessions if required.
Demo app
The `example.py` file contains a basic Hyperdiv application that handles authentication (log in), persists the user across browser windows, persists user data to the filesystem, and provides a log out feature.
```python
import hyperdiv as hd
from hyperdiv_session import session
from _storage import connect, persist, load, delete


def main():
    # Create a session object with a secret key
    sid = session(secret_key="some very secret")

    # Create some view state to store a count
    counter = hd.state(count=0)

    with hd.box(padding=8, gap=2):
        if not sid.is_authenticated():
            hd.text("Not authenticated yet.")
            if hd.button("Authenticate").clicked:
                # create new session
                sid.create_new()
                sid.gdpr_flag = True  # GDPR consent
                # save session into storage
                persist(sid.session_id, counter.count)
        else:
            # load state for given session_id from storage
            counter.count = load(sid.session_id)

            hd.text("Session demo app.")
            hd.text(sid.session_id)
            hd.text(counter.count)

            if hd.button("Increment").clicked:
                counter.count += 1
                # update session state in storage
                persist(sid.session_id, counter.count)

            if hd.button("Log out").clicked:
                sid.clear()
                delete(sid.session_id)


connect()  # open connection to storage or create a new one
hd.run(main)
```
https://github.com/vladignatyev/hyperdiv-session/assets/513940/abdf89f6-9d38-48a3-89d2-2d9166bdfddc
Notes on implementation
Client-side persistence is implemented using localStorage (see: MDN Web Docs). A signed cookie is used as the session token.
The cookie signing mechanism is derived from Django: timestamped cookies are signed with a salted HMAC that uses SHA-256 as the hasher.
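The scheme described above, a salted HMAC with SHA-256 over a timestamped value, as an added example. This is not hyperdiv-session's or Django's code; the salt, the `session_id:timestamp:signature` token layout and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import time
from typing import Optional

SALT = b"example.session.signer"  # assumed salt; namespaces the derived key


def _signature(secret: bytes, payload: bytes) -> bytes:
    # Salted HMAC: derive a purpose-specific key from salt + secret,
    # then MAC the payload with SHA-256.
    key = hashlib.sha256(SALT + secret).digest()
    mac = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).rstrip(b"=")


def sign(secret: bytes, session_id: str, now: Optional[int] = None) -> str:
    ts = int(time.time()) if now is None else now
    payload = f"{session_id}:{ts}"
    return f"{payload}:{_signature(secret, payload.encode()).decode()}"


def unsign(secret: bytes, token: str, max_age: int,
           now: Optional[int] = None) -> Optional[str]:
    """Return the session id, or None if the token is malformed, forged or expired."""
    try:
        payload, sig = token.rsplit(":", 1)
        session_id, ts = payload.rsplit(":", 1)
    except ValueError:
        return None
    # Check the MAC before interpreting any field. Comparing bytes in constant
    # time avoids a timing side channel and tolerates non-ASCII input.
    expected = _signature(secret, payload.encode())
    if not hmac.compare_digest(sig.encode(), expected):
        return None
    try:
        issued = int(ts)
    except ValueError:
        return None
    current = int(time.time()) if now is None else now
    if current - issued > max_age:
        return None  # signature is valid but the token is too old
    return session_id
```

The timestamp is covered by the MAC, so a client cannot extend a token's lifetime by editing it; expiry is enforced server-side through `max_age`.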
Warning
This software is a work in progress! It may lack required features and may contain bugs or security vulnerabilities. Please create a new issue for feature requests and bug reports.
TODO
- Test coverage
- Add an XSS testing stage
- Create documentation and samples
- Implement GDPR compliance
File details
Details for the file hyperdiv_session-0.1.1.tar.gz.
File metadata
- Download URL: hyperdiv_session-0.1.1.tar.gz
- Upload date:
- Size: 7.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.3 CPython/3.10.13 Linux/5.15.0-97-generic
File hashes
Algorithm | Hash digest |
---|---|
SHA256 | b354c1516ad3217462fe3075a2cec534b771fae3ad69aecff4a5de26b47d6eeb |
MD5 | 55d22b073bf070c6fa3775109e38d944 |
BLAKE2b-256 | 5d0929bae4886816d0393caf9175069bb7377b3ef150b89817107ecab68d45e4 |
File details
Details for the file hyperdiv_session-0.1.1-py3-none-any.whl.
File metadata
- Download URL: hyperdiv_session-0.1.1-py3-none-any.whl
- Upload date:
- Size: 9.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.3 CPython/3.10.13 Linux/5.15.0-97-generic
File hashes
Algorithm | Hash digest |
---|---|
SHA256 | f2dba8fe29a0aed04fe6e9bd090b306aa86bf66a08e329a220c2df54f2676a08 |
MD5 | 21b781a5171a82cdec5778f773af3ec7 |
BLAKE2b-256 | 7473a57822e101453a496c671d6e7bc8905fa49793aecc3ebb87fb5ad7e1cb71 |