I've done a handful of side-by-side migrations or deployments.
I think you already identified the generally best approach IMHO:
> Conceptually the simplest would be to have a auth cookie that is
valid in both, it could be set to only be created in one and honoured in
the other.
However I recommend it with one caveat -- I would approach this
functionality as if it were it's own authentication micro-service. It can
live in one of the two processes, it doesn't need a third, but I would
structure the UX, tests and development as if it were totally independent
-- so the cookie value would just contain login state the core account info
needed for auth and permissions. If either process needs to store other
data in a cookie, use another cookie.
Reading Pyramid cookies in Flask is pretty simple, Pyramid sessions just
automate loading webob cookies with defaults
* https://github.com/Pylons/pyramid/blob/master/src/pyramid/session.py
* https://github.com/Pylons/webob/blob/master/src/webob/cookies.py
In terms of Pyramid versions, if you need Python2 support - 1.10 is your
only option. Otherwise, just pay attention to the deprecations on Pyramid2
and you should be able to transition from 1.10 to 2 very easily if you
don't want to run the pre-release. Michael Merickel is the expert on this,
but I think he and his team have done a great job in planning the 2.0
changes by offering a lot of "forward compatibility' options in 1.10 to
prepare us for switching to 2.0. I could be wrong, but I think almost
every one of the 2.0 changes can be elected in 1.10. The only difference I
know of is the drastic change to authentication/authorization (which may be
worth using the pre-release).
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to pylons-discuss+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/b0d9e559-d070-4522-82ef-217af2c63de2o%40googlegroups.com.
