Here's the source code:

A live demo is here:

The problem is in the init_request method.

The current implementation uses threading.local.

I have no idea how to make the WSGI environ object a thread-local in case the remote user has been logged in.

Any input would be greatly appreciated.



Le 2016-10-10 à 10:30, Etienne Robillard a écrit :

I'm attempting to develop a OAuth 2.0 authentication middleware which sets REMOTE_USER variable into the WSGI environ object, however I'm unable to make this variable unique for the logged user.

Is it recommended to use threading.local or gevent to make the WSGI environment persisting on a per-request basis ?

What others options can you advise to make private request data not accessible in WSGI ?

Thanks in advance,


Etienne Robillard

Web-SIG mailing list
Web SIG:

Reply via email to