[Cubicweb] Pyramid & Cubicweb sessions/authentication integration
aurelien.campeas at logilab.fr
Mon Jul 7 11:51:24 CEST 2014
On 07/07/2014 11:43, Christophe de Vienne wrote:
> Le 07/07/2014 11:13, Aurélien Campéas a écrit :
>> On 07/07/2014 11:02, Christophe de Vienne wrote:
>>> You are right, it is not cw sessions that are persistents, but the web
>>> sessions and identity of the user.
>>> A cw session is regenerated when needed.
>>> That said, I came to wonder what is the actual scope of a cubicweb session.
>>> For what I understand, it holds the identity of a user, and can provide
>>> connections to the repo.
>> As of the top end of the persistent sessions stack, it is that,
>> plus `.data`.
>>> If it is only that, then we could, if not get rid of them, at least
>>> consider them only as an identity cache that is renewable on-demand and
>>> does not need to be bound to the web-session.
>>> But I sense it is a little more because of the session-data. The thing I
>>> don't know is how these session-data are used and how much do they
>>> really need to be strongly bounded to the web-session.
>> They are not massively used but are clearly needed.
> The need for cw persistent sessions looks needed, but for now I fail to
> see real-life example where a strong bind to the web-session is required.
What do you mean by strong bind ?
If the cubes expect session.data to be there, it's strong... not ?
Anyway, the session is accessible through cnx.session so what's
the problem ?
More information about the Cubicweb