DynamoDB-backed sessions for Pyramid applications.
Project description
pyramid-dynamodb-sessions
pyramid-dynamodb-sessions
stores user sessions for Pyramid in DynamoDB.
DynamoDB sessions offer large storage (up to 400kb per session), confidentiality (the user can't see the contents of the session) and low operational overhead.
Motiviation
Pyramid ships with cookie-based sessions by default. This is a good option for many applications, but has several downsides:
- Data is unencrypted and can be be read by the user.
- Cookies are limited to 4kb of data.
Redis-backed sessions is another popular option, but requires operating a Redis server.
DynamoDB can store up to 400kb of data per session and requires no server management. With On-Demand Capacitiy, you don't have to do any capacity planning and only pay for what you use. You can also opt for Provisioned Capacity as a way to optimize costs.
Getting Started
Before getting started, you should be familiar with AWS IAM and know how to grant permissions to your application.
To get started, first create a new DynamoDB table.
The table should have a hash key of sid
as a binary type.
Time-to-live should be enabled on the exp
attribute.
You can use the following AWS CLI command to create the table.
aws dynamodb create-table \
--table-name mytable \
--attribute-definitions AttributeName=sid,AttributeType=B \
--key-schema AttributeName=sid,KeyType=HASH \
--billing-mode=PAY_PER_REQUEST
aws dynamodb update-time-to-live \
--table-name mytable \
--time-to-live-specification "Enabled=true, AttributeName=exp"
To enable pyramid-dynamodb-sessions in your application, first make sure your application has the following permissions for your newly created table:
dynamodb:GetItem
dynamodb:PutItem
dynamodb:UpdateItem
dynamodb:DeleteItem
Next set your session factory to a pyramid_dynamodb_sessions.DynamoDBSessionFactory
object.
from pyramid.config import Configurator
from pyramid_dynamodb_sessions import DynamoDBSessionFactory
def app(config, **settings):
config = Configurator(
session_factory=DynamoDBSessionFactory('mytable'),
)
config.make_wsgi_app()
And that's it! When your application adds data to the session, it will be persisted to DynamoDB and a unique session ID will be stored in the users cookie.
Configuration
DynamoDBSessionFactory
requires only one argument on initialization: the table name.
You can also pass a boto3 Table object.
This is useful if you want control over the configuration of Boto3.
Additional arguments mostly deal with the session ID cookie and roughly match the arguments for Pyramid's built-in cookie sessions.
table
— The DynamoDB table to use. Can be a string or a boto3 Table object.cookie_name
— The name of the cookie used to store the session ID. Defaults tosession_id
.max_age
— The expiration time for the cookie in seconds. Defaults toNone
(session-only cookie).path
— The path for the cookie. Defaults to/
.domain
— The domain for the cookie. Defaults to no domain.secure
— If true, sets thesecure
flag for the cookie. Defaults toNone
, which will set the flag if the request is made via HTTPS.httponly
— If true, hide the cookie from Javascript by setting theHttpOnly
flag. Defaults to true.samesite
— The SameSite property for the cookie, orNone
to disable the SameSite option. Defaults toStrict
.timeout
— The number of seconds of inactivity before the session times out. Defaults to1200
(20 minutes).reissue_time
— The number of seconds before the session is "reissued," meaning that the activity timeout is reset. Reissuing performs a write to DynamoDB, so it is recommended to set this to a reasonably high value, such as 1/10 of the timeout. Defaults to120
(2 minutes).
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pyramid_dynamodb_sessions-0.1.3.tar.gz
.
File metadata
- Download URL: pyramid_dynamodb_sessions-0.1.3.tar.gz
- Upload date:
- Size: 6.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5915bb3897e3c3685dd969460395de6d3506ff6d81f0d8f6675bdfc1b0a2e264 |
|
MD5 | 24b155207fdba0cd16456cc80f707910 |
|
BLAKE2b-256 | 16fb196d9d7610e89a87b1c8eb2bc947922c5a76275830686806e68495612f70 |
File details
Details for the file pyramid_dynamodb_sessions-0.1.3-py3-none-any.whl
.
File metadata
- Download URL: pyramid_dynamodb_sessions-0.1.3-py3-none-any.whl
- Upload date:
- Size: 7.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0a0c8f5d587aa1f14ee8277bbe2b33c8a74d9a4a4dfda14aa4660e4158100c29 |
|
MD5 | 819b3df903b2507fd2375510ecee84f5 |
|
BLAKE2b-256 | d53f9b9dbeba06cd75939945f9f69daa053550610720cbe6110d37f5d6e85c87 |