This package provides session support.
==============================
Zope3 Session Implementation
==============================
.. note:: All interfaces and implementations provided by this package
have been migrated to ``zope.session``. This package now
merely provides ZMI menu configuration.
Overview
========
.. CAUTION::
Session data is maintained on the server. This gives a security
advantage in that we can assume that a client has not tampered with
the data. However, this can have major implications for scalability
as modifying session data too frequently can put a significant load
on servers and in extreme situations render your site unusable.
Developers should keep this in mind when writing code or risk
problems when their application is run in a production environment.
Applications requiring write-intensive session implementations (such
as page counters) should consider using cookies or specialized
session implementations.
Sessions allow us to fake state over a stateless protocol - HTTP.
We do this by having a unique identifier stored across multiple
HTTP requests, be it a cookie or some id mangled into the URL.
The ``IClientIdManager`` Utility provides this unique id. It is
responsible for propagating this id so that future requests from the
client get the same id (eg. by setting an HTTP cookie). (Note that
this, and all interfaces, are imported from this package for
demonstration purposes only. They have been moved to
``zope.session.interfaces``) This utility is used when we adapt the
request to the unique client id:
>>> from zope.app.session.interfaces import IClientId
>>> IClientId
<InterfaceClass zope.session.interfaces.IClientId>
>>> client_id = IClientId(request)
The ``ISession`` adapter gives us a mapping that can be used to store
and retrieve session data. A unique key (the package id) is used
to avoid namespace clashes:
>>> from zope.app.session.interfaces import ISession
>>> pkg_id = 'products.foo'
>>> session = ISession(request)[pkg_id]
>>> session['color'] = 'red'
>>> session2 = ISession(request)['products.bar']
>>> session2['color'] = 'blue'
>>> session['color']
'red'
>>> session2['color']
'blue'
Data Storage
============
The actual data is stored in an ``ISessionDataContainer`` utility.
``ISession`` chooses which ``ISessionDataContainer`` should be used by
looking up as a named utility using the package id. This allows
the site administrator to configure where the session data is actually
stored by adding a registration for desired ``ISessionDataContainer``
with the correct name.
>>> from zope.app.session.interfaces import ISessionDataContainer
>>> from zope.component import getUtility
>>> sdc = getUtility(ISessionDataContainer, pkg_id)
>>> sdc[client_id][pkg_id] is session
True
>>> sdc[client_id][pkg_id]['color']
'red'
If no ``ISessionDataContainer`` utility can be located by name using the
package id, then the unnamed ``ISessionDataContainer`` utility is used as
a fallback. An unnamed ``ISessionDataContainer`` is automatically created
for you, which may replaced with a different implementation if desired.
>>> ISession(request)['unknown'] \
... is getUtility(ISessionDataContainer)[client_id]['unknown']
True
The ``ISessionDataContainer`` contains ``ISessionData`` objects, and
``ISessionData`` objects in turn contain ``ISessionPkgData`` objects. You
should never need to know this unless you are writing administrative
views for the session machinery.
>>> from zope.app.session.interfaces import ISessionData, ISessionPkgData
>>> ISessionData.providedBy(sdc[client_id])
True
>>> ISessionPkgData.providedBy(sdc[client_id][pkg_id])
True
The ``ISessionDataContainer`` is responsible for expiring session data.
The expiry time can be configured by settings its ``timeout`` attribute.
>>> sdc.timeout = 1200 # 1200 seconds or 20 minutes
Restrictions
============
Data stored in the session must be persistent or picklable.
>>> class NoPickle(object):
... def __getstate__(self):
... raise TypeError("Cannot serialize")
>>> session['oops'] = NoPickle()
>>> import transaction
>>> transaction.commit()
Traceback (most recent call last):
...
TypeError: Cannot serialize
..
Clean up:
>>> transaction.abort()
Page Templates
==============
Session data may be accessed in page template documents using
TALES::
<span tal:content="request/session:products.foo/color | default">
green
</span>
or::
<div tal:define="session request/session:products.foo">
<script type="text/server-python">
try:
session['count'] += 1
except KeyError:
session['count'] = 1
</script>
<span tal:content="session/count" />
</div>
=========
CHANGES
=========
5.0 (2023-02-10)
================
- Drop support for Python 2.7, 3.5, 3.6.
- Add support for Python 3.8, 3.9, 3.10, 3.11.
4.1.0 (2018-10-22)
==================
- Add support for Python 3.7.
4.0.0 (2017-05-29)
==================
- Add support for Python 3.4, 3.5, 3.6 and PyPy.
- Remove dependency on ``ZODB3`` and other packages that are not used
by this package, leaving behind only ``zope.session``. Packages that
are used during testing are now test dependencies.
3.6.2 (2010-09-01)
==================
- Remove undeclared dependency on ``zope.deferredimport``.
3.6.1 (2010-02-06)
==================
- Include meta.zcml from zope.securitypolicy
3.6.0 (2009-02-01)
==================
- Use ``zope.site`` instead of ``zope.app.folder`` in tests.
3.5.2 (2009-01-27)
==================
- Fixed tearDown-Error in tests.
3.5.1 (2007-10-31)
==================
- Resolve ``ZopeSecurityPolicy`` deprecation warning.
3.5.0 (2007-09-27)
==================
* A release to override an untagged, unreasoned dev release in
``download.zope.org/distribution``.
3.4.3 (2007-09-27)
==================
* Fix package meta-data.
3.4.2 (2007-09-24)
==================
- rebumped to replace faulty egg
- added missing dependecy to ``zope.session``
3.4.1 (2007-09-24)
==================
- Added missing files to egg distribution
3.4.0 (2007-09-24)
==================
- Initial documented release
Raw data
{
"_id": null,
"home_page": "https://github.com/zopefoundation/zope.app.session",
"name": "zope.app.session",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "zope3 session",
"author": "Zope Corporation and Contributors",
"author_email": "zope-dev@zope.dev",
"download_url": "https://files.pythonhosted.org/packages/54/c3/193baf850fe924357daa6ee159d1c66afea251955f1b45f77f526cdc8f2d/zope.app.session-5.0.tar.gz",
"platform": null,
"description": "This package provides session support.\n\n\n==============================\n Zope3 Session Implementation\n==============================\n\n.. note:: All interfaces and implementations provided by this package\n have been migrated to ``zope.session``. This package now\n merely provides ZMI menu configuration.\n\nOverview\n========\n\n.. CAUTION::\n Session data is maintained on the server. This gives a security\n advantage in that we can assume that a client has not tampered with\n the data. However, this can have major implications for scalability\n as modifying session data too frequently can put a significant load\n on servers and in extreme situations render your site unusable.\n Developers should keep this in mind when writing code or risk\n problems when their application is run in a production environment.\n\n Applications requiring write-intensive session implementations (such\n as page counters) should consider using cookies or specialized\n session implementations.\n\nSessions allow us to fake state over a stateless protocol - HTTP.\nWe do this by having a unique identifier stored across multiple\nHTTP requests, be it a cookie or some id mangled into the URL.\n\n\nThe ``IClientIdManager`` Utility provides this unique id. It is\nresponsible for propagating this id so that future requests from the\nclient get the same id (eg. by setting an HTTP cookie). (Note that\nthis, and all interfaces, are imported from this package for\ndemonstration purposes only. They have been moved to\n``zope.session.interfaces``) This utility is used when we adapt the\nrequest to the unique client id:\n\n >>> from zope.app.session.interfaces import IClientId\n >>> IClientId\n <InterfaceClass zope.session.interfaces.IClientId>\n >>> client_id = IClientId(request)\n\nThe ``ISession`` adapter gives us a mapping that can be used to store\nand retrieve session data. A unique key (the package id) is used\nto avoid namespace clashes:\n\n >>> from zope.app.session.interfaces import ISession\n >>> pkg_id = 'products.foo'\n >>> session = ISession(request)[pkg_id]\n >>> session['color'] = 'red'\n\n >>> session2 = ISession(request)['products.bar']\n >>> session2['color'] = 'blue'\n\n >>> session['color']\n 'red'\n >>> session2['color']\n 'blue'\n\n\nData Storage\n============\n\nThe actual data is stored in an ``ISessionDataContainer`` utility.\n``ISession`` chooses which ``ISessionDataContainer`` should be used by\nlooking up as a named utility using the package id. This allows\nthe site administrator to configure where the session data is actually\nstored by adding a registration for desired ``ISessionDataContainer``\nwith the correct name.\n\n >>> from zope.app.session.interfaces import ISessionDataContainer\n >>> from zope.component import getUtility\n >>> sdc = getUtility(ISessionDataContainer, pkg_id)\n >>> sdc[client_id][pkg_id] is session\n True\n >>> sdc[client_id][pkg_id]['color']\n 'red'\n\nIf no ``ISessionDataContainer`` utility can be located by name using the\npackage id, then the unnamed ``ISessionDataContainer`` utility is used as\na fallback. An unnamed ``ISessionDataContainer`` is automatically created\nfor you, which may replaced with a different implementation if desired.\n\n >>> ISession(request)['unknown'] \\\n ... is getUtility(ISessionDataContainer)[client_id]['unknown']\n True\n\nThe ``ISessionDataContainer`` contains ``ISessionData`` objects, and\n``ISessionData`` objects in turn contain ``ISessionPkgData`` objects. You\nshould never need to know this unless you are writing administrative\nviews for the session machinery.\n\n >>> from zope.app.session.interfaces import ISessionData, ISessionPkgData\n >>> ISessionData.providedBy(sdc[client_id])\n True\n >>> ISessionPkgData.providedBy(sdc[client_id][pkg_id])\n True\n\nThe ``ISessionDataContainer`` is responsible for expiring session data.\nThe expiry time can be configured by settings its ``timeout`` attribute.\n\n >>> sdc.timeout = 1200 # 1200 seconds or 20 minutes\n\n\nRestrictions\n============\n\nData stored in the session must be persistent or picklable.\n\n >>> class NoPickle(object):\n ... def __getstate__(self):\n ... raise TypeError(\"Cannot serialize\")\n >>> session['oops'] = NoPickle()\n >>> import transaction\n >>> transaction.commit()\n Traceback (most recent call last):\n ...\n TypeError: Cannot serialize\n\n..\n Clean up:\n\n >>> transaction.abort()\n\n\nPage Templates\n==============\n\n Session data may be accessed in page template documents using\n TALES::\n\n <span tal:content=\"request/session:products.foo/color | default\">\n green\n </span>\n\n or::\n\n <div tal:define=\"session request/session:products.foo\">\n <script type=\"text/server-python\">\n try:\n session['count'] += 1\n except KeyError:\n session['count'] = 1\n </script>\n\n <span tal:content=\"session/count\" />\n </div>\n\n\n=========\n CHANGES\n=========\n\n5.0 (2023-02-10)\n================\n\n- Drop support for Python 2.7, 3.5, 3.6.\n\n- Add support for Python 3.8, 3.9, 3.10, 3.11.\n\n\n4.1.0 (2018-10-22)\n==================\n\n- Add support for Python 3.7.\n\n\n4.0.0 (2017-05-29)\n==================\n\n- Add support for Python 3.4, 3.5, 3.6 and PyPy.\n\n- Remove dependency on ``ZODB3`` and other packages that are not used\n by this package, leaving behind only ``zope.session``. Packages that\n are used during testing are now test dependencies.\n\n\n3.6.2 (2010-09-01)\n==================\n\n- Remove undeclared dependency on ``zope.deferredimport``.\n\n3.6.1 (2010-02-06)\n==================\n\n- Include meta.zcml from zope.securitypolicy\n\n3.6.0 (2009-02-01)\n==================\n\n- Use ``zope.site`` instead of ``zope.app.folder`` in tests.\n\n3.5.2 (2009-01-27)\n==================\n\n- Fixed tearDown-Error in tests.\n\n3.5.1 (2007-10-31)\n==================\n\n- Resolve ``ZopeSecurityPolicy`` deprecation warning.\n\n3.5.0 (2007-09-27)\n==================\n\n* A release to override an untagged, unreasoned dev release in\n ``download.zope.org/distribution``.\n\n\n3.4.3 (2007-09-27)\n==================\n\n* Fix package meta-data.\n\n3.4.2 (2007-09-24)\n==================\n\n- rebumped to replace faulty egg\n\n- added missing dependecy to ``zope.session``\n\n\n3.4.1 (2007-09-24)\n==================\n\n- Added missing files to egg distribution\n\n\n3.4.0 (2007-09-24)\n==================\n\n- Initial documented release\n",
"bugtrack_url": null,
"license": "ZPL 2.1",
"summary": "Zope session",
"version": "5.0",
"split_keywords": [
"zope3",
"session"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "179b461243d963f64dd964a65799564d0dc5baeb5f4f75071d9ee2856bdbdb07",
"md5": "c6b4185bac1bf4bbc1837bf3772753b6",
"sha256": "179346b8a50db1be3cc4f7622eed990864987b8a28cb5ead7ba74bd2ff3d1c5a"
},
"downloads": -1,
"filename": "zope.app.session-5.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c6b4185bac1bf4bbc1837bf3772753b6",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 15300,
"upload_time": "2023-02-10T09:22:01",
"upload_time_iso_8601": "2023-02-10T09:22:01.775731Z",
"url": "https://files.pythonhosted.org/packages/17/9b/461243d963f64dd964a65799564d0dc5baeb5f4f75071d9ee2856bdbdb07/zope.app.session-5.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "54c3193baf850fe924357daa6ee159d1c66afea251955f1b45f77f526cdc8f2d",
"md5": "32cfb890bd4053ee608ce9f8677499e7",
"sha256": "059e7f261e2320619fce16c2c077735db39bc42078880fbb2ee03f604be6733b"
},
"downloads": -1,
"filename": "zope.app.session-5.0.tar.gz",
"has_sig": false,
"md5_digest": "32cfb890bd4053ee608ce9f8677499e7",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 13534,
"upload_time": "2023-02-10T09:22:04",
"upload_time_iso_8601": "2023-02-10T09:22:04.133140Z",
"url": "https://files.pythonhosted.org/packages/54/c3/193baf850fe924357daa6ee159d1c66afea251955f1b45f77f526cdc8f2d/zope.app.session-5.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-02-10 09:22:04",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "zopefoundation",
"github_project": "zope.app.session",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "zope.app.session"
}
JSON
