Is it possible to get session data from within a Yesod Handler test?
For example I'd like to get the current userId.
Later on, I'd also like to test two simultaneous browser sessions interacting with the Yesod app in turns.
getRequestCookies does return the session, but in an encrypted state.
Related
I have a django project where I need to know how much time each user spends on the site.
The first thing that came to my mind was that since I have a CustomUser I can create my own login/logout view and populate a table with login and logout and the user's identifier. However, I wanted to know if there is a callback function for django.contrib.auth.urls. So I can use the default login form?
You can use Django Signals. Django has several built-in Signals that trigger when various events occur. For example, post_save and post_delete. You can write handlers that listen for these signals to trigger whenever the session (or token, JWT, so on, depending on your authentication backend) is created or destroyed. You can then perform actions (like updating a database table) whenever these events occur.
I would like to run code whenever a Yesod session dies. For example whenever a session dies I would like to print "hello" to the console.
I did not use the scaffolding for my application.
Yesod's default sessions are done with clientsession. This works by storing encrypted data in the cookies from the browser—the server doesn't store any state. For this reason, I don't think there's a way to accomplish what you want.
You could switch to some sort of server-stored session, in which case you could kinda do this based off a session expiring, though you'd never be able to detect something like "the user cleared their cookies" which effectively kills a session.
I'm trying to build a CMS on Node.JS and this far i managed to build everything only by including MySQL module. I would like to continue building all the CMS core modules without the use of extern libraries like Express. I'm working now on the session for Login purposes. By now, i can create cookies with the header Set-Cookie where i store some information of the user to recognize its session when he/she loads all the pages in the site, but i still can't find some way to create session variables without the use of express or some other frameworks.
I'd be thankful if someone could give me some example.
First off, unless you're building things yourself just because you want to learn how to do it all yourself, there's really no reason to re-invent things that have already been well engineered in existing modules. Because this is server-side code, there's really no penalty for using an already tested module that does what you want. So, my first recommendation would be to use Express and express-session. It does all the session management for you and will give you lots more time to work on the aspects of your project that will really help it succeed or fail.
And, THE top benefit of using node.js in the first place is being able to use the huge library of existing code available through NPM and Github.
Conceptually, here's how a session works in the node.js/web browser client/server world.
Incoming request from client to web server.
Server creates some sort of guaranteed unique cookie value and sets that as a cookie on the response.
Server also creates a serve-side session object and puts that object into some data store with the session cookie value as an index into that data store.
Now every time a future request arrives from that same client, it will be accompanied with that session cookie.
On each incoming request, the server can grab the session cookie value, use it as the key to look up the corresponding session object and get it.
Any request handler can then read data from the session object or write data to the session object.
In this manner you can keep data associated with a particular client secure and safe on the server and usable from one request to another.
If you're going to implement your own session system, you have to be able to create these unique session cookies and create some sort of session storage (can be anything from a Map object in memory to a database), implement session expiration and session store cleanup and then provide appropriate middleware or utility functions that makes it easy to use on any individual http request.
In CherryPy, each request runs in a thread, and that thread has access to a session object via cherrypy.session. If, from that request thread, you launch another thread, thereby allowing the request to return, you no longer have access to that session object. Is there any way around this?
I have a function that runs when the user loads a specific page. Under certain circumstances, this function could take some time (say 10 seconds or so) to run. The results of this function aren't used directly in page rendering, rather they are stored in the users session object for later (instant) retrieval when the user clicks a button. Rather than make the user wait for the data to be compiled, I would like to offload this function to a background thread and let the main thread return the page to the user, but when I do that I no longer have access to the users session object to store the result. How can I work around this? Thanks.
In my specific situation, I am using a custom class for my session (a PostgreSQL session class), but I would think the same procedure would apply regardless. When the initial request comes in, I pull the session_id from the cherrypy.request.cookie object, and pass it to the function that I run in the child thread.
Then, in that function, when I need to access the session object, I instantiate a new session object myself using the session_id, and after setting the desired value call save() on the instance. Works perfectly for me!
I want to implement logging in for users, and regard them as "logged in" during their surfing (using sessions). I do it on Google App Engine with webapp2 framework. But the platform is not important, I'm sure you will point out the general rules to do it.
I have written the class Authorization with authorize method, and every handler inherits from this class. When some handler is triggered I first run self.authorize() and it checks whether the user has the session variable holding his login. Then I check the internal datastore to find out whether the user's session is expired (so I don't depend only on the info from the client's side).
How can I improve or simplify this approach? Do I have to do the authorization routine from every handler or I can keep it in one place?
Also the way webapp2 implements sessions look strange to me. I have to make a class with dispatch and session methods that do some magic. And if a handler inherits from this class I can use sessions inside it:self.sessions['login'] = 'Joe'; self.sessions.get('login').