The following line can be added to a crontask to clean up old sessions :
find /<path_to>/beaker/sessions/ -type f -mtime +3 -print -exec rm {} \;
> /dev/null 2>&1
Le 30/11/2023 à 17:31, Mike Orr a écrit :
A second for 'pyramid_beaker'. It doesn't get much attention nowadays
but Beaker still works and is getting updates. It has backends to
store sessions in files, Redis, SQLAlchemy, cookie-only, and others. I
have two production applications on it. One because one developer's
workstation doesn't have Redis, so she uses file-based sessions. The
other because it's both a traditional website and is also bundled into
Windows/Mac desktop applications (using Electron with an embedded
browser) so Redis isn't available there. I think the desktop mode uses
memory-based sessions because it's a single thread talking to it.
One thing to keep in mind, Beaker doesn't clean up abandoned session
files so they accumulate until manually purged.
'pyramid_session_redis' and 'pyramid_redis_sessions' have an option to
use Redis's auto-expire feature to automatically delete sessions that
haven't been updated for a while.
On Thu, Nov 30, 2023 at 5:13 AM tonthon<tontho...@gmail.com> wrote:
pyramid_beaker is as far I know only python based (stores sessions on disk)
https://pypi.org/project/pyramid_beaker/
We use extensively for years now without any trouble.
Le 30/11/2023 à 13:14, Scott Lawton a écrit :
Thanks so much!
For this type of data, at a minimum, calls to request.response.set_cookie
should contain `httponly=True` and `secure=True`; the app should also be under
https only. If I understand how your system uses these credentials correctly,
`samesite=strict` should also be added.
Makes sense. (Yes, we deploy sites behind https.)
Store in a Server-Side session. There are many projects in the pyramid
ecosystem for this.
Any suggestions for 1-3 simple examples? Ideally with only Python dependencies
-- I'd rather not add Redis, MongoDB etc. since we already have Supabase.
Scott
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
topylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web
visithttps://groups.google.com/d/msgid/pylons-discuss/383183b9-0506-4f01-9653-bca1f8781a7fn%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
topylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web
visithttps://groups.google.com/d/msgid/pylons-discuss/006d2a5a-4b6e-4284-affe-5a0530087ea9%40gmail.com.
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to pylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/a25cd2e0-be0e-4ecb-af65-3435b246e157%40gmail.com.
