uapi.sessions package#

Submodules#

uapi.sessions.redis module#

Redis backends for sessions.

class uapi.sessions.redis.AsyncRedisSessionStore(redis, key_prefix, cookie_name, cookie_settings)#

Bases: object

Method generated by attrs for class AsyncRedisSessionStore.

Parameters:

  • redis (Redis) –

  • key_prefix (str) –

  • cookie_name (str) –

  • cookie_settings (CookieSettings) –

async remove_namespace(namespace)#

Remove all sessions in a particular namespace.

Parameters:

namespace (str) –

Return type:

None

class uapi.sessions.redis.AsyncSession#

Bases: dict[str, str]

async clear_session()#
Return type:

dict[str, str]

async update_session(*, namespace=None)#
Parameters:

namespace (str | None) –

Return type:

dict[str, str]

uapi.sessions.redis.configure_async_sessions(app, aioredis, max_age=datetime.timedelta(days=14), cookie_name='session_id', cookie_settings=CookieSettings(max_age=None, http_only=True, secure=True, path=None, domain=None, same_site='lax'), redis_key_prefix='', session_arg_param_name='session')#

Configure an instance of async sessions for an app.

A session ID will be generated using Python’s secrets.token_hex and stored in a cookie.

Once configured, handlers may declare a parameter of name _session_arg_param_name (defaults to session) and type AsyncSession. AsyncSessions are mappings of strings to strings, and can be used to store data using the AsyncSession.update_session() and AsyncSession.clear_session() coroutines.

If the cookie is missing or the session data has expired, a new empty session will be transparently created.

Sessions have optional namespaces. Namespaces are useful for logically grouping sessions, for example by user ID, so that multiple sessions can be cleared at once.

Fresh sessions start with no namespace set. To set a namespace, pass it to AsyncSession.update_session().

An AsyncRedisSessionStore is produced at configuration time and can be used to clean up namespaces even outside the context of a request.

Parameters:

  • max_age (timedelta) – The maximum age of a session. When this expires, the session is cleaned up from Redis.

  • cookie_name (str) – The name of the cookie to use for the session id.

  • cookie_settings (CookieSettings) – The settings for the cookie.

  • redis_key_prefix (str) – The prefix to use for redis keys.

  • session_arg_param_name (str) – The name of the handler parameter that will be available for dependency injection.

  • app (AsyncApp) –

  • aioredis (Redis) –

Return type:

AsyncRedisSessionStore

Module contents#

class uapi.sessions.Session#

Bases: dict[str, str]

update_session()#
Return type:

dict[str, str]

uapi.sessions.configure_secure_sessions(app, secret_key, cookie_name='session', salt='cookie-session', settings=CookieSettings(max_age=2678400, http_only=True, secure=True, path=None, domain=None, same_site='lax'))#
Parameters:

  • app (App | AsyncApp) –

  • secret_key (str) –

  • cookie_name (str) –

  • salt (str) –

  • settings (CookieSettings) –