klein.interfaces.ISession

interface documentation

class ISession(Interface): (source)

Known implementations: klein.storage._memory.MemorySession

View In Hierarchy

An ISession provider contains an identifier for the session, information about how the session was negotiated with the client software, and

Method authorize Retrieve other objects from this session.
Attribute authenticatedBy A SessionMechanism indicating what mechanism was used to authenticate this session.
Attribute identifier str identifying a session.
Attribute isConfidential A bool indicating whether this session mechanism transmitted over an encrypted transport, i.e., HTTPS. If True, this means that this session can be used for sensitive information; otherwise, the information contained in it should be considered to be available to attackers.
def authorize(interfaces): (source)

Retrieve other objects from this session.

This method is how you can retrieve application-specific objects from the general-purpose session; define interfaces for each facet of something accessible to a session, then pass it here and to the ISessionStore implementation you're using.

Parameters
interfaces:Iterable[Type[Interface]]A list of interfaces.
Returns
Deferred firing with dict mapping zope.interface.interfaces.IInterface to providers of each interface. Interfaces which cannot be authorized will not be present as keys in this dictionary.all of the providers that could be retrieved from the session.
authenticatedBy = (source)

A SessionMechanism indicating what mechanism was used to authenticate this session.

identifier = (source)

str identifying a session.

This value should be:

  1. unique - no two sessions have the same identifier
  2. unpredictable - no one but the receipient of the session should be able to guess what it is
  3. opaque - it should contain no interesting information
isConfidential = (source)

A bool indicating whether this session mechanism transmitted over an encrypted transport, i.e., HTTPS. If True, this means that this session can be used for sensitive information; otherwise, the information contained in it should be considered to be available to attackers.