Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Zope session

Project Description

This package provides session support.

Zope3 Session Implementation

Note

All interfaces and implementations provided by this package have been migrated to zope.session. This package now merely provides ZMI menu configuration.

Overview

Caution!

Session data is maintained on the server. This gives a security advantage in that we can assume that a client has not tampered with the data. However, this can have major implications for scalability as modifying session data too frequently can put a significant load on servers and in extreme situations render your site unusable. Developers should keep this in mind when writing code or risk problems when their application is run in a production environment.

Applications requiring write-intensive session implementations (such as page counters) should consider using cookies or specialized session implementations.

Sessions allow us to fake state over a stateless protocol - HTTP. We do this by having a unique identifier stored across multiple HTTP requests, be it a cookie or some id mangled into the URL.

The IClientIdManager Utility provides this unique id. It is responsible for propagating this id so that future requests from the client get the same id (eg. by setting an HTTP cookie). (Note that this, and all interfaces, are imported from this package for demonstration purposes only. They have been moved to zope.session.interfaces) This utility is used when we adapt the request to the unique client id:

>>> from zope.app.session.interfaces import IClientId
>>> IClientId
<InterfaceClass zope.session.interfaces.IClientId>
>>> client_id = IClientId(request)

The ISession adapter gives us a mapping that can be used to store and retrieve session data. A unique key (the package id) is used to avoid namespace clashes:

>>> from zope.app.session.interfaces import ISession
>>> pkg_id = 'products.foo'
>>> session = ISession(request)[pkg_id]
>>> session['color'] = 'red'
>>> session2 = ISession(request)['products.bar']
>>> session2['color'] = 'blue'
>>> session['color']
'red'
>>> session2['color']
'blue'

Data Storage

The actual data is stored in an ISessionDataContainer utility. ISession chooses which ISessionDataContainer should be used by looking up as a named utility using the package id. This allows the site administrator to configure where the session data is actually stored by adding a registration for desired ISessionDataContainer with the correct name.

>>> from zope.app.session.interfaces import ISessionDataContainer
>>> from zope.component import getUtility
>>> sdc = getUtility(ISessionDataContainer, pkg_id)
>>> sdc[client_id][pkg_id] is session
True
>>> sdc[client_id][pkg_id]['color']
'red'

If no ISessionDataContainer utility can be located by name using the package id, then the unnamed ISessionDataContainer utility is used as a fallback. An unnamed ISessionDataContainer is automatically created for you, which may replaced with a different implementation if desired.

>>> ISession(request)['unknown'] \
...     is getUtility(ISessionDataContainer)[client_id]['unknown']
True

The ISessionDataContainer contains ISessionData objects, and ISessionData objects in turn contain ISessionPkgData objects. You should never need to know this unless you are writing administrative views for the session machinery.

>>> from zope.app.session.interfaces import ISessionData, ISessionPkgData
>>> ISessionData.providedBy(sdc[client_id])
True
>>> ISessionPkgData.providedBy(sdc[client_id][pkg_id])
True

The ISessionDataContainer is responsible for expiring session data. The expiry time can be configured by settings its timeout attribute.

>>> sdc.timeout = 1200 # 1200 seconds or 20 minutes

Restrictions

Data stored in the session must be persistent or picklable.

>>> session['oops'] = open(__file__)
>>> import transaction
>>> transaction.commit()
Traceback (most recent call last):
    [...]
TypeError: cannot serialize ...

Page Templates

Session data may be accessed in page template documents using TALES:

<span tal:content="request/session:products.foo/color | default">
    green
</span>

or:

<div tal:define="session request/session:products.foo">
    <script type="text/server-python">
        try:
            session['count'] += 1
        except KeyError:
            session['count'] = 1
    </script>

    <span tal:content="session/count" />
</div>

CHANGES

4.0.0 (2017-05-29)

  • Add support for Python 3.4, 3.5, 3.6 and PyPy.
  • Remove dependency on ZODB3 and other packages that are not used by this package, leaving behind only zope.session. Packages that are used during testing are now test dependencies.

3.6.2 (2010-09-01)

  • Remove undeclared dependency on zope.deferredimport.

3.6.1 (2010-02-06)

  • Include meta.zcml from zope.securitypolicy

3.6.0 (2009-02-01)

  • Use zope.site instead of zope.app.folder in tests.

3.5.2 (2009-01-27)

  • Fixed tearDown-Error in tests.

3.5.1 (2007-10-31)

  • Resolve ZopeSecurityPolicy deprecation warning.

3.5.0 (2007-09-27)

  • A release to override an untagged, unreasoned dev release in download.zope.org/distribution.

3.4.3 (2007-09-27)

  • Fix package meta-data.

3.4.2 (2007-09-24)

  • rebumped to replace faulty egg
  • added missing dependecy to zope.session

3.4.1 (2007-09-24)

  • Added missing files to egg distribution

3.4.0 (2007-09-24)

  • Initial documented release
Release History

Release History

This version
History Node

4.0.0

History Node

3.6.2

History Node

3.6.1

History Node

3.6.0

History Node

3.5.2

History Node

3.5.1

History Node

3.5.0

History Node

3.4.3

History Node

3.4.2

History Node

3.4.1

History Node

3.4.0

History Node

3.4.0a1

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
zope.app.session-4.0.0-py2.py3-none-any.whl (19.4 kB) Copy SHA256 Checksum SHA256 py2.py3 Wheel May 29, 2017
zope.app.session-4.0.0.tar.gz (15.3 kB) Copy SHA256 Checksum SHA256 Source May 29, 2017

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting