tags:

views:

26

answers:

1
Q: 

gae-sessions: How to get current session with with only the SID?

I'm using gae-sessions. How can I retrieve a session using only its session identifier (SID)?

Update for response @David Underhill: I've done what you told but in debug mode I got this: Session: SID=None {} | but it has db_key populated with a string

Here is my code:

upload.py

    SID = self.request.get("SID")
    if not SID:
        return False

    from app.models.user import User
    user = User.get_current_user(SID)

user.py

def get_current_user(SID = None):
    if SID:
        session = Session(sid=SID)
    else:
        session = get_current_session()

    if session.has_key('account.logged'):
        return User.get(db.Key(session.get('user.key')))
    else:
        return False

and doesn't exists.

And this is my SID from my cookie: "mMumLZOCq5knTg9edaSjLD+p8xsSohAQSS9vyqpgDso=1289155992_9c2c85c6931a7d133f7e1f0b9ae25502gAJ9cQB9cQEoVQ5hY2NvdW50LmxvZ2dlZHECiFUIdXNlci5rZXlxA1UjYWd0MGIzUjBlWE4zYjNKc1pISUxDeElFVlhObGNoaTNBUXdxBFULYWNjb3VudC5rZXlxBVUnYWd0MGIzUjBlWE4zYjNKc1pISU9DeElIUVdOamIzVnVkQmkyQVF3cQZVDWFjY291bnQuZW1haWxxB1UBdHEIdYZxCS4="

I take this from cookies, with javascript and flex and then send it in a var to python.

+1  A: 

To retrieve a session used only its SID, directly instantiate the Session class:

session = gaesessions.Session(sid="SID of the session you want")

If you want to retrieve a session using only its session ID, then that session must have been persisted to the datastore or memcache. By default, gae-sessions only stores small sessions in secure cookies which are much faster than either memcache or the datastore.

To force a particular session to be saved to the datastore, you can call save(persit_even_if_using_cookie=True) on the session object. This will force it to be stored to the datastore/memcache even if it normally would only be stored in a cookie. This is the best approach if you only need to occasionally access user sessions by SID alone.

If you need to frequently access sessions by SID, then you might be better off disabling the cookie-only mechanism by passing cookie_only_threshold=0 to the SessionMiddleware when you configure it - this will ensure that cookies are never used and that your sessions are always in the datastore.

These details and more are documented more thoroughly in the gae-sessions documentation.

David Underhill  2010-10-30 20:41:33
check out the update in my question. still doesn't work :sI can only try next the cookie_only_threshold=0
Totty  2010-10-30 22:30:11
After you do the `save(persit_even_if_using_cookie=True)` the session should appear in the datastore. Can you manually query the datastore to see if the session is there? (It should be the only one if you typically use cookie-only sessions). Good thought setting dirty=True (only required if you haven't changed anything in your session - since you set user.key, you don't need to set dirty).
David Underhill  2010-10-30 23:25:51
yes, I check in the datastore viewer and exits. I really don't understand why I still can't get my session by sid.. :s
Totty  2010-10-31 15:14:31
Strange; this works for me. Could you perhaps post a small code sample which illustrates the issue? (Or your whole project if you're okay with sharing and don't want to factor out a small sample)
David Underhill  2010-10-31 16:36:59
Hy! I've updated the question.. take a look.. but I can't understand it..
Totty  2010-10-31 18:49:44
get to work! the sessionSid was wrong.. stupid!
Totty  2010-10-31 19:57:35

related questions

What is typically the length of your optimal coding session?
What's the most current, good practice, and easiest way to use sessions in PHP?
What can cause an ASP.NET worker process to be recycled?
How do I explicitly set asp.net sessions to ONLY expire on closing the browser or explicit logou?
session variable mixup in ASP.NET?
In Classic asp, can I store a database connection in the Session object?
What are the advantages and disadvantages of the Session Façade Core J2EE Pattern?
Different values of GetHashCode for inproc and stateserver session variables
Best way for allowing subdomain session cookies using Tomcat
Is there a way to specify a different session store with Tomcat?
PHP: $_SESSION - What are the pros and cons of storing temporarily used data in the $_SESSION variable
What is the best way to handle sessions for a PHP site on multiple hosts?
How much data can/should you store in a users session object?
ASP.Net Session_Start event not firing
Logging image downloads
ASP.Net: If I have the Session ID, Can I get the Session object?
Secure session cookies in ASP.NET over HTTPS
Django Sessions
Can I put an ASP.Net session ID in a hidden form field?
Always including the user in the django template context
Rails - recovering database from Production.log
Most efficient way to get data from the database to session
What is the best way to prevent session hijacking?
FOSS ASP.Net Session Replication Solution?
How do I best detect an ASP.NET expired session?