[Cubicweb] Pyramid & Cubicweb sessions/authentication integration

Christophe de Vienne christophe at unlish.com
Mon Jul 7 11:02:08 CEST 2014


Le 07/07/2014 10:48, Aurélien Campéas a écrit :
> On 07/07/2014 10:43, Christophe de Vienne wrote:
>> I forgot to say that a side-effect is persistent sessions for free.
>>
> I somehow doubt that, barring some misunderstanding of the scope
> of "persistent sessions" when applied to cubicweb. The repo-side
> *has* to learn about persistent sessions.
>
> I don't doubt that you can get a web-level session "store" that
> can provide the illusion however (as I did with the dogpile.cache
> experiment).


You are right, it is not cw sessions that are persistents, but the web
sessions and identity of the user.
A cw session is regenerated when needed.

That said, I came to wonder what is the actual scope of a cubicweb session.
For what I understand, it holds the identity of a user, and can provide
connections to the repo.
If it is only that, then we could, if not get rid of them, at least
consider them only as an identity cache that is renewable on-demand and
does not need to be bound to the web-session.

But I sense it is a little more because of the session-data. The thing I
don't know is how these session-data are used and how much do they
really need to be strongly bounded to the web-session.

Some insights on this would be welcome.

Christophe



More information about the Cubicweb mailing list