# Hyperdiv Session
Adds the support for sessions to Hyperdiv. This is an essential plugin that enables Hyperdiv users to create authorization flows, data persistence across browser sessions and multiuser support.
# Getting Started
1. `pip install hyperdiv-session`
1. Import this plugin `from hyperdiv_session import session`.
2. Initialize this plugin and provide the `secret` string for cookie signing to work.
3. Handle non-authenticated state, create new session after authentication, persist sessions if required.
# Demo app
The `example.py` contains a basic Hyperdiv application that can handle authentication or log in, persist user across browser windows, persist user data to the filesystem and have log out feature.
```python
import hyperdiv as hd
from hyperdiv_session import session
from _storage import connect, persist, load, delete
def main():
# Create a session object with a secret key
sid = session(secret_key="some very secret")
# Create some view state to store a count
counter = hd.state(count=0)
with hd.box(padding=8, gap=2):
if not sid.is_authenticated():
hd.text("Not authenticated yet.")
if hd.button("Authenticate").clicked:
# create new session
sid.create_new()
sid.gdpr_flag = True # GDPR consent
# save session into storage
persist(sid.session_id, counter.count)
else:
# load state for given session_id from storage
counter.count = load(sid.session_id)
hd.text("Session demo app.")
hd.text(sid.session_id)
hd.text(counter.count)
if hd.button("Increment").clicked:
counter.count += 1
# update session state in storage
persist(sid.session_id, counter.count)
if hd.button("Log out").clicked:
sid.clear()
delete(sid.session_id)
connect() # open connection to storage or create a new one
hd.run(main)
```
https://github.com/vladignatyev/hyperdiv-session/assets/513940/abdf89f6-9d38-48a3-89d2-2d9166bdfddc
# Notes on implementation
The client-side persistence implemented using `localStorage` (see: [MDN Web Docs](https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API)). We use `signed cookie` as session token.
The cookie signing mechanism is derived from `Django`. We use salted HMAC with `SHA-256` hasher for timestamped cookies.
# Warning
This is a work-in-progress software! It may lack required features, contain bugs or breaches. Please create new issue for feature request and bug report.
# TODO
- [x] Test coverage
- [ ] Make the XSS testing stage
- [ ] Create documentation and samples
- [x] Implement GDPR compliance
Raw data
{
"_id": null,
"home_page": null,
"name": "hyperdiv-session",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.9",
"maintainer_email": null,
"keywords": "hyperdiv, reactive, ui, web, framework, hyperdiv-session",
"author": "Vladimir Ignatev",
"author_email": "ya.na.pochte@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/5d/09/29bae4886816d0393caf9175069bb7377b3ef150b89817107ecab68d45e4/hyperdiv_session-0.1.1.tar.gz",
"platform": null,
"description": "# Hyperdiv Session\nAdds the support for sessions to Hyperdiv. This is an essential plugin that enables Hyperdiv users to create authorization flows, data persistence across browser sessions and multiuser support.\n\n# Getting Started\n1. `pip install hyperdiv-session`\n1. Import this plugin `from hyperdiv_session import session`.\n2. Initialize this plugin and provide the `secret` string for cookie signing to work.\n3. Handle non-authenticated state, create new session after authentication, persist sessions if required.\n\n# Demo app\nThe `example.py` contains a basic Hyperdiv application that can handle authentication or log in, persist user across browser windows, persist user data to the filesystem and have log out feature. \n```python\nimport hyperdiv as hd\nfrom hyperdiv_session import session\n\nfrom _storage import connect, persist, load, delete\n\n\ndef main():\n # Create a session object with a secret key\n sid = session(secret_key=\"some very secret\")\n\n # Create some view state to store a count\n counter = hd.state(count=0)\n\n with hd.box(padding=8, gap=2):\n if not sid.is_authenticated():\n hd.text(\"Not authenticated yet.\")\n\n if hd.button(\"Authenticate\").clicked:\n # create new session\n sid.create_new()\n sid.gdpr_flag = True # GDPR consent\n\n # save session into storage\n persist(sid.session_id, counter.count)\n\n else:\n # load state for given session_id from storage\n counter.count = load(sid.session_id)\n\n hd.text(\"Session demo app.\")\n hd.text(sid.session_id)\n hd.text(counter.count)\n\n if hd.button(\"Increment\").clicked:\n counter.count += 1\n\n # update session state in storage\n persist(sid.session_id, counter.count)\n\n if hd.button(\"Log out\").clicked:\n sid.clear()\n delete(sid.session_id)\n\n\nconnect() # open connection to storage or create a new one\n\nhd.run(main)\n```\n\nhttps://github.com/vladignatyev/hyperdiv-session/assets/513940/abdf89f6-9d38-48a3-89d2-2d9166bdfddc\n\n\n# Notes on implementation\nThe client-side persistence implemented using `localStorage` (see: [MDN Web Docs](https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API)). We use `signed cookie` as session token.\nThe cookie signing mechanism is derived from `Django`. We use salted HMAC with `SHA-256` hasher for timestamped cookies. \n\n# Warning\nThis is a work-in-progress software! It may lack required features, contain bugs or breaches. Please create new issue for feature request and bug report.\n\n# TODO\n- [x] Test coverage \n- [ ] Make the XSS testing stage\n- [ ] Create documentation and samples\n- [x] Implement GDPR compliance\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "Session management for hyperdiv",
"version": "0.1.1",
"project_urls": null,
"split_keywords": [
"hyperdiv",
" reactive",
" ui",
" web",
" framework",
" hyperdiv-session"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "7473a57822e101453a496c671d6e7bc8905fa49793aecc3ebb87fb5ad7e1cb71",
"md5": "21b781a5171a82cdec5778f773af3ec7",
"sha256": "f2dba8fe29a0aed04fe6e9bd090b306aa86bf66a08e329a220c2df54f2676a08"
},
"downloads": -1,
"filename": "hyperdiv_session-0.1.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "21b781a5171a82cdec5778f773af3ec7",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.9",
"size": 9101,
"upload_time": "2024-06-22T16:58:36",
"upload_time_iso_8601": "2024-06-22T16:58:36.941392Z",
"url": "https://files.pythonhosted.org/packages/74/73/a57822e101453a496c671d6e7bc8905fa49793aecc3ebb87fb5ad7e1cb71/hyperdiv_session-0.1.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "5d0929bae4886816d0393caf9175069bb7377b3ef150b89817107ecab68d45e4",
"md5": "55d22b073bf070c6fa3775109e38d944",
"sha256": "b354c1516ad3217462fe3075a2cec534b771fae3ad69aecff4a5de26b47d6eeb"
},
"downloads": -1,
"filename": "hyperdiv_session-0.1.1.tar.gz",
"has_sig": false,
"md5_digest": "55d22b073bf070c6fa3775109e38d944",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.9",
"size": 7677,
"upload_time": "2024-06-22T16:58:39",
"upload_time_iso_8601": "2024-06-22T16:58:39.122770Z",
"url": "https://files.pythonhosted.org/packages/5d/09/29bae4886816d0393caf9175069bb7377b3ef150b89817107ecab68d45e4/hyperdiv_session-0.1.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-06-22 16:58:39",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "hyperdiv-session"
}
JSON