[Cubicweb] Pyramid & Cubicweb sessions/authentication integration

Aurélien Campéas aurelien.campeas at logilab.fr
Mon Jul 7 11:13:43 CEST 2014


On 07/07/2014 11:02, Christophe de Vienne wrote:
> Le 07/07/2014 10:48, Aurélien Campéas a écrit :
>> On 07/07/2014 10:43, Christophe de Vienne wrote:
>>> I forgot to say that a side-effect is persistent sessions for free.
>>>
>> I somehow doubt that, barring some misunderstanding of the scope
>> of "persistent sessions" when applied to cubicweb. The repo-side
>> *has* to learn about persistent sessions.
>>
>> I don't doubt that you can get a web-level session "store" that
>> can provide the illusion however (as I did with the dogpile.cache
>> experiment).
> 
> 
> You are right, it is not cw sessions that are persistents, but the web
> sessions and identity of the user.
> A cw session is regenerated when needed.
> 
> That said, I came to wonder what is the actual scope of a cubicweb session.
> For what I understand, it holds the identity of a user, and can provide
> connections to the repo.

As of the top end of the persistent sessions stack, it is that,
plus `.data`.

> If it is only that, then we could, if not get rid of them, at least
> consider them only as an identity cache that is renewable on-demand and
> does not need to be bound to the web-session.
> 
> But I sense it is a little more because of the session-data. The thing I
> don't know is how these session-data are used and how much do they
> really need to be strongly bounded to the web-session.

They are not massively used but are clearly needed.

Regards,
Aurélien.






More information about the Cubicweb mailing list