So, I've been using request.environ['beaker.session'] to access the
beaker session that is provided by pylons. I was recently trying to use
the config values that it appears to have at it's disposal.
There are two specific config values that I have complaints about.
1) session_timeout
This value is taken in from the config and passed directly in and taken
at face value by myghtyutils.session. According to the documentation
from pylons and paste deploy, the values in the config file are all
strings, so the timeout value is taken as a string, and when the
following check happens:
if self.timeout is not None and now - self.accessed >
self.timeout:
it always returns false. Therefore a session will never timeout, and
will never get invalidated due to timeouts.
I was able to get around this particular problem by adding the
following lines to the top of the __init__ function:
if (isinstance(timeout, str)):
timeout = int(timeout)
not the most elegant, but it works for me.
the next problem was not solved so easily.
2) session_cookie_expires
If I want this value to actually work for me, it has to be of type
timedelta or datetime. I am able to set neither of these types in a
config, so I ended up modifying my config.app_config directly prior to
creating my PylonsApp within my project/project/config/middleware.py.
Despite doing this workaround, I was still foiled by another problem.
If I pass in a datetime.timedelta object, the following code gets
triggered:
elif isinstance(self.cookie_expires,
datetime.timedelta):
expires = datetime.datetime.today() +
self.cookie_expires
this looks ok, but it turns out that it is not. Later in the same
function, after it has set the variable expires, it formats the
variable into a date string to use as the cookie's expiration time. To
format the date, it uses the following line:
self.cookie[self.key]['expires'] =
expires.strftime("%a, %d-%b-%Y %H:%M:%S GMT" )
Again, this looks reasonable, however if you look, the variable
"expires" is the result of the today() call, which returns the date and
time of the machine. Unless your machine is actually in GMT, the time
returned from that call will not be GMT. And since my time zone is
approximately GMT - 7, my time of day will always be considered having
been passed if it believed to be GMT.
I fixed this problem by creating a UTC tzinfo as follows:
from datetime import tzinfo, timedelta, datetime
ZERO = timedelta(0)
HOUR = timedelta(hours=1)
class UTC(tzinfo):
"""UTC"""
def utcoffset(self, dt):
return ZERO
def tzname(self, dt):
return "UTC"
def dst(self, dt):
return ZERO
utc = UTC()
and then replaced the call to datetime.today() with a call to
datetime.now(utc)
So, to recap, my problems were two fold with the session code.
1) it required config values that were not string values, even though
paste deploy documentation says that all config values are strings,
2) even if there was a way to put non-strings into the config, the
cookie_expires functionality didn't work. I recommend that either the
values from configs have a way to get massaged prior to getting passed
in to the session object __init__, or you change the __init__ function
so that it expects ALL parameters to be passed in as strings, and deals
with them appropriately.
Thanks for your time,
David
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
