[Commits] python.it commit r199 -
twisted/trunk/contrib/nevow/doc/txt
commit a svn.python.it
commit a svn.python.it
Gio 20 Lug 2006 22:53:58 CEST
Author: manlio
Date: Thu Jul 20 22:53:57 2006
New Revision: 199
Added:
twisted/trunk/contrib/nevow/doc/txt/nevow-sessions.txt
Log:
sessioni
Added: twisted/trunk/contrib/nevow/doc/txt/nevow-sessions.txt
==============================================================================
--- (empty file)
+++ twisted/trunk/contrib/nevow/doc/txt/nevow-sessions.txt Thu Jul 20 22:53:57 2006
@@ -0,0 +1,222 @@
+============================
+Sessions? What are sessions?
+============================
+
+HTTP Protocol
+-------------
+
+First some notes about the HTTP protocol, what means to have a
+stateless protocol and what is a REST architecture.
+
+Please note that not all Nevow's users are expert of HTTP.
+
+XXX:
+
+ Maybe this section should be in another chapter.
+
+Now it whould help to have some use cases of a stateless protocol.
+Is is important to show a pure REST solution to problems that are
+usually solved with sessions.
+
+XXX:
+
+ Here can go a simple example of HTTP Basic Authentication, with some
+ mixin class for the rend.Page that force authentication on every
+ page.
+
+ Show the advantages of this solution and it's disavantage.
+
+Sessions can provide a valid alternative to pure REST solutions, but
+**add** simple examples that are not possible without sessions.
+
+
+HTTP Cookies
+------------
+
+The HTTP solution for adding state are Cookies.
+
+*Again*, don't assume that users are expert of Cookies, so explain what
+cookies are **and** what spec to use.
+
+Now explain the interface offered by Twisted Web/Nevow to Cookie:
+
+ IRequest.addCookie and IRequest.getCookie -> describe
+
+Give some example about how to use coockies directly in your code (using
+the cookie name as dictionary key).
+
+
+Nevow Sessions
+--------------
+
+This is an higher level interface to sessions. The default
+implementation uses Cookies.
+
+XXX:
+
+ this means that it is possible to support sessions without using
+ cookies?
+
+The interface is INevow.ISession -> describe
+
+XXX:
+
+ In the source code there are **two** ISession classes.
+
+ Moreover there is this comment in
+ appserver.NevowRequest.SetSession::
+
+ ## temporary until things settle down with the new sessions
+
+ What means?
+
+A session is obtained with:
+
+ IRequest.getSession(self, sessionInterface=None)
+
+For now let's ignore the sessionInterface argument.
+
+When calling getSession the first time, a session cookie will be
+created.
+
+The name of the cookie is TWISTED_SESSION.
+
+XXX:
+
+ Can I change this name? No: it is hard written in the source code.
+
+
+
+How to use sessions
++++++++++++++++++++
+
+Sessions can be used in several ways.
+
+* Using the session object to store state.
+
+ Here comes the **advantages** of a dynamic language like Python.
+ Since objects are dinamic you can add variables to instances.
+
+ Example::
+
+ def data_counter(self, ctx, data):
+ session = inevow.ISession(ctx)
+ count = getattr(session, "count", 1)
+ session.count = count + 1
+
+ return count
+
+
+ Note that you need to proper initialize your variable.
+
+ This example also show the **advantages** of an asynchronous
+ framework.
+ No need to serialize the session or to use locks.
+
+ XXX:
+
+ But this is hidden from users of, say, mod_python (?).
+
+
+* Using session.uid as a key to loock up a dictionary
+ (why one want to do so?).
+
+* Using session.sessionNamespaces. This will return a dictionary.
+
+ Example::
+
+ def data_counter(self, ctx, data):
+ session = inevow.ISession(ctx)
+ d = session.sessionNamespaces
+
+ d["count"] = d.setdefault("count", 0)
+ d["count"] += 1
+
+ return d["count"]
+
+ XXX:
+
+ This attribute is not documented. What is it for?
+
+
+Advanced Session usage
+++++++++++++++++++++++
+
+
+XXX:
+
+ documentation stolen from
+ http://twistedmatrix.com/projects/web/documentation/howto/picturepile.html#auto2
+
+Since only one Session exists per user for all applications on the
+server, the Session object is Componentized, and each application adds
+adapters to contain their own state and behaviour, as explained in the
+Components documentation. So, we start with an interface, and a class
+that implements it, and registration of our class upon Session::
+
+ from zope.interface import Interface, implements
+
+ class IPreferences(Interface):
+ pass
+
+ class Preferences:
+ implements(IPreferences)
+
+ components.registerAdapter(Preferences, server.Session, IPreferences)
+
+
+We're just going to store data on this class, so no methods are defined.
+
+We can use this session object to store user preference, like
+thumbnail size::
+
+
+ def render_thumbnail(self, ctx, data):
+ request = inevow.IRequest(ctx)
+
+ prefs = request.getSession(IPreferences)
+ size = getattr(prefs, 'size','200')
+
+ return ctx.tag[a.img(src="data/", width=size, height=size)]
+
+XXX:
+
+ The example does not works. How to use componentized sessions?
+
+
+Advanced session control
+++++++++++++++++++++++++
+
+Cookies (and thus Nevow sessions) offer several options to fine control
+its behaviour.
+
+On of this is the path where cookie should be used. This is not
+controllable with Session.
+
+An important property is coockie's lifetime.
+
+XXX:
+
+ In the interface documentation for ISession there is a setLifetime
+ method, but this is **not** implemented (and it references Guard).
+
+XXX:
+
+ It seems that Twisted set only the `path` property on session,
+ ignoring `expires`, `domain`, `max_age`, `comment` and `secure`
+
+
+When Twisted creates a session, it checks every 30 minutes that it is
+up to date.
+The session object has a lastModified attributes, controlled on the
+server.
+
+You che can explicitly call the metod checkExpired, but it will expire the
+session only if has not been touched in 15 minutes.
+
+All this constants are **hard written** in the code.
+
+A nice feature of Session is that you can register a callback to be
+called when the session expires, just use the method::
+
+ notifyOnExpire(callback)
Maggiori informazioni sulla lista
Commits