-1

KBsession stores the session TTL based on PERMANENT_SESSION_LIFETIME is there a way to override this for specific sessions

EDIT: so I have two different API for login I need to give any user login from one of them an infinite session TTL, the other one will take PERMANENT_SESSION_LIFETIME value note: KBsession back-end is redis

4

1 回答 1

0

我认为最好的方法是使用会话接口来创建特定的处理。这只是一个例子,但我希望你能理解方法。

from flask import Flask, session as flask_session, jsonify

flask_app = Flask(__name__)
# just a few user types
UNIQUE_USER_TYPE = 'unique'
DEFAULT_USER_TYPE = 'default'

@flask_app.route('/login-default')
def login_default():
    flask_session['user_type'] = DEFAULT_USER_TYPE
    return 'login default done'

@flask_app.route('/login-unique')
def login_unique():
    flask_session['user_type'] = UNIQUE_USER_TYPE
    return 'login unique done'

@flask_app.route('/session-state')
def get_session_state():
    return jsonify(dict(flask_session))


class UserTypeSessionInterface(SecureCookieSessionInterface):

    def get_expiration_time(self, app, session):
        """
        I just override method. Just demonstration.
        It's called from save_session() and open_session()
        """
        if session.get('user_type') == UNIQUE_USER_TYPE:
            # set 1 hour for unique users
            delta = datetime.utcnow() + timedelta(hours=1)
        else:
            # set 3 hour for default users
            delta = datetime.utcnow() + timedelta(hours=3)
        # add datetime data into session
        session['lifetime'] = delta.strftime('%Y-%m-%dT%H:%M:%S')
        return delta
# use our custom session implementation
flask_app.session_interface = UserTypeSessionInterface()

现在运行服务器,打开新的私人窗口,/login-default然后/session-state

# default behaviour
{
  "lifetime": "2018-11-06T16:22:21", 
  "user_type": "default"
}

再打开一个私人窗口,/login-unique然后/session-state

# unique behaviour
{
   "lifetime": "2018-11-06T14:25:17", 
   "user_type": "unique"
}

因此,会话存储工具无关紧要(redis、cassandra 或其他)。您所需要的只是实现open_session()save_session()

class YourSessionProcessor(SessionInterface):

    def open_session(self, app, request):
        # just do here all what you need
        pass

    def save_session(self, app, session, response):
        # just do here all what you need
        pass

flask_app.session_interface = YourSessionProcessor()

您也可以使用自定义会话类(只是一个示例):

from flask.sessions import SessionMixin
from werkzeug.datastructures import CallbackDict

class CustomSession(CallbackDict, SessionMixin):

    def __init__(self, initial=None, sid=None):
        def on_update(self):
            self.modified = True

        CallbackDict.__init__(self, initial, on_update=on_update)
        self.sid = sid
        self.modified = False

# YourSessionProcessor
def open_session(self, app, request):
    # you can find any useful data in request
    # you can find all settings in app.config
    sid = request.cookies.get(app.session_cookie_name)
    # ... do here everything what you need
    return CustomSession(sid=sid)

希望这可以帮助。

于 2018-11-06T13:47:16.470 回答