> On Feb 3, 2017, at 14:07, Jonathan Vanasco <jonat...@findmeon.com> wrote: > > I forked `pyramid_redis_sessions` into a new project because my needs changed. > > i ended up inheriting a design flaw and need to refactor it out. I'm hoping > to look at other server-side session systems for inspiration. > > my issue is that not having a session_id cookie, or having an invalid one, > will automatically generate a placeholder session in redis. i need to > refactor my code so that session_ids are only created if actually used. (i > have a handful of ideas on how to do this, but if something works... > inspiration would save me time).
Don’t touch request.session… Pyramid doesn’t actually call the session factory unless you ask for it from request.session. Could create a pass-through session factory that won’t call into redis session unless a key is being set (access thus won’t create a session, so you can do things like ‘key’ in blah). As it currently stands, it doesn’t look like redis sessions plays well with transactions, based upon a quick glance at the code it looks like it refreshes/persists data the moment you set it. Warehouse actually disables the session entirely if it is a stateless request that shouldn’t be touching the session which is a neat idea too. > > this isn't an issue for normal usage, but i got hit by a spider the other day > that ignored cookies and created over 30k stale sessions. this will pose a > problem for me in the future and i'd like to address it (pagecount is > growing, session and database-cache are in redis running LRU mode). > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to pylons-discuss+unsubscr...@googlegroups.com > <mailto:pylons-discuss+unsubscr...@googlegroups.com>. > To post to this group, send email to pylons-discuss@googlegroups.com > <mailto:pylons-discuss@googlegroups.com>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/pylons-discuss/20766195-47b0-46eb-a82f-06c331ce9ec8%40googlegroups.com > > <https://groups.google.com/d/msgid/pylons-discuss/20766195-47b0-46eb-a82f-06c331ce9ec8%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/0FA259BC-EE36-454F-9388-54535DB49F29%400x58.com. For more options, visit https://groups.google.com/d/optout.