CODEWITHSUNDEEP
pythoncherrypy
ibrewster
ibrewster

Reputation: 3622

Cherrypy Session Timeout questions

Two questions regarding session timeouts in cherrypy:

1) Is there a way to determine the remaining time in a session? This is related to trying to use http://plugins.jquery.com/epilgrim.sessionTimeoutHandler/

2) Is there a way to make a call to cherrypy NOT reset the timeout, such that the plugin above could call a URL to determine the time remaining in the session without resetting said time

Edit to help clarify: The purpose here is to be able to have a client-side process that periodically queries the server via AJAX to determine the amount of time left in a users session. This is to overcome difficulties with keeping a client side session timeout timer in-sync with the server-side timer - I'd like to simply have the client ask the server "how much time do I have left?" and act accordingly. Of course, if the act of asking resets the timeout, then this won't work, as the AJAX "time left" requests would essentially become a session keep-alive. So I need to be able to make an AJAX query to the server without resetting the session timeout timer for the user.

Upvotes: 0

Views: 3942

Answers (3)

Andrew Haritonkin
Andrew Haritonkin

Reputation: 193

I have found the answer to 2) question while going through source code of cherrypy session class. Apparently, you do not want to save session after serving such requests - this will then also not update expiration time (and will not save any changes to session object).

I found in the source code that setting cherrypy.serving.request._sessionsaved = True does exactly that. And added decorator for convinience:

def nosessionsave( func ):
"""
Decorator to avoid session saving and thus not resetting session timeout.
"""
def decorate( *args, **data ):
    cherrypy.serving.request._sessionsaved = True
    return func( *args, **data )
return decorate

Just add @nosessionsave before method def.

Upvotes: 0

Andrew Kloos
Andrew Kloos

Reputation: 4588

I believe cherrypy uses the expiration time in the cookie with the key session_id. Mine says: 

Wed 22 Jan 2014 03:44:31 PM EST

You could extend the expiration with your set of circumstances and edit the session cookie.

EDIT: You will also need to extend the server timeout...

cherrypy.request.config.update({'tools.sessions.timeout': 60})

https://groups.google.com/forum/#!topic/cherrypy-users/2yrG79QoYFQ

Hope this helps!

Upvotes: 1

jwalker
jwalker

Reputation: 2009

You need to subclass the session and add a "stats" function to it and a flag to prevent saving in the session "stats" request handler. Or disable sessions in the config for the "stats" path and load session exp info directly from your storage without using normal session class.

Upvotes: 0

Related Questions