开发者

Using beaker sessions for checking if user is authenticated in Pyramid

开发者 https://www.devze.com 2023-04-01 07:10 出处：网络

I\'m creating a webapp using Pyramid with Beaker sessions. I would like to store user id in request.session[\'user_id\'] and some other info after successful signing in and then use it for checking if

相关专题：authentication pyramid python session

I'm creating a webapp using Pyramid with Beaker sessions.

I would like to store user id in request.session['user_id'] and some other info after successful signing in and then use it for checking if user already signed in:

if 'user_id' in request.session:
    # user signed in
else:
    # user not signed in or session is expi开发者_JAVA百科red

The question is: is it safe to rely on sessions or it will be better and/or safer to use Pyramid's authenticated_userid() with remember() and forget() from pyramid.security?

Use pyramid_beaker and the SessionAuthenticationPolicy, then use pyramid.authentication.authenticated_userid() to check if they're logged in or not. If it returns None, they're not.