Session management for hyperdiv
Project description
Hyperdiv Session
Adds the support for sessions to Hyperdiv. This is an essential plugin that enables Hyperdiv users to create authorization flows, data persistence across browser sessions and multiuser support.
Getting Started
- Import this plugin.
- Initialize this plugin and provide the
secret
string for cookie signing to work. - Handle non-authenticated state, create new session after authentication, persist sessions if required.
The example.py
contains a basic Hyperdiv application that can handle authentication or log in, persist user across browser windows, persist user data to the filesystem and have log out feature.
Notes on implementation
The client-side persistence implemented using localStorage
(see: MDN Web Docs). We use signed cookie
as session token.
The cookie signing mechanism is derived from Django
. We use salted HMAC with SHA-256
hasher for timestamped cookies.
Warning
This is a work-in-progress software! It may lack required features, contain bugs or breaches. Please create new issue for feature request and bug report.
TODO
- Test coverage
- Make the XSS testing stage
- Create documentation and samples
- Implement GDPR compliance
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for hyperdiv_session-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fc938f6383eb5dfdd18530fb380d2bf09b8cb3f7e0028ca2bf41ce73f21f4005 |
|
MD5 | a99d5cbced746376ae9f43f0a3829252 |
|
BLAKE2b-256 | 461f42e4650e8e2de54489b7f026afc99b01e4deaa64beda27bde8611dba0781 |