Christopher Arndt schrieb:
Felix Schwarz schrieb:This works in CP2, I'm using it for sessions (Beaker) and authentication (repoze.who) with TG1.I'd be interested in how you do this exactly. I'd like for us to get away from using the CherryPy session in TG >= 1.1 (or maybe 1.5) to be more flexible in choosing session storage backends. Would you have any code to share?
For the session stuff there is not much code involved as it was very straight-forward. In fact I already have a draft for a wiki page but I was not able to finish it in the last weeks so I'm just attaching it.
The only thing you really should pay attention to is, that you use a relatively new beaker (> 0.9.3) because older versions contain an important security bug (I posted a notice to the TG ml back then).
fs
How to use Beaker with CherryPy 2 (TurboGears 1) Although CherryPy ships its own session management library, I liked to use Beaker (http://beaker.groovie.org/) because has some nice capabilities like cookie-only sessions (session data is stored only inside a signed cookie, no state on the server) and cache management. Thanks to WSGI and CherryPy's WSGI capabilities, integrating Beaker was not that hard. After I created a TurboGears project named "beaker_demo" ("tg-admin quickstart beaker_demo"), I had to modify start-beaker_demo.py and controllers.py. For demonstration purposes, I will configure Beaker to store the session information in files below your temporary directory (usually "/tmp" under Un*x or C:\temp under Windows). The session id is stored securely (signed + encrypted) in a cookie (you will need to install PyCrypto http://www.amk.ca/python/code/crypto, Fedora/CentOS package name is python-crypto). start-beaker_demo.py # ... (generated content) from beaker_demo.controllers import Root # (replace the rest of the content with the lines below) import tempfile from cherrypy._cpwsgi import wsgiApp, CPHTTPRequest from cherrypy._cpwsgiserver import CherryPyWSGIServer from beaker.middleware import SessionMiddleware class BeakerSessionServer(CherryPyWSGIServer): RequestHandlerClass = CPHTTPRequest def __init__(self): conf = cherrypy.config.get cp_wsgi_app = wsgiApp beaker_config = {"session.data_dir": tempfile.gettempdir(), "secret": "foo", "key": "beaker_session_key"} wsgi_app = SessionMiddleware(cp_wsgi_app, config=beaker_config) bind_addr = (conf("server.socket_host"), conf("server.socket_port")) CherryPyWSGIServer.__init__(self, bind_addr, wsgi_app, conf("server.thread_pool"), conf("server.socket_host"), request_queue_size = conf( "server.socket_queue_size"), ) cherrypy.root = Root() cherrypy.server.start(server=BeakerSessionServer()) ------------------------------------------------------ controllers.py # ... class Root(controllers.RootController): @expose(template="beaker_demo.templates.welcome") def index(self): import cherrypy session = cherrypy.request.wsgi_environ['beaker.session'] if not session.has_key('some_beaker_key'): session['some_beaker_key'] = 0 session['some_beaker_key'] += 1 session.save() import time flash("Your application is now running. Call #" + str(session['some_beaker_key'])) return dict(now=time.ctime()) # ...
smime.p7s
Description: S/MIME Cryptographic Signature
