asgi-sessions -- Cookie-Based HTTP sessions for ASGI applications (Asyncio / Trio, / Curio)
- Supports base64 sessions
- Supports
JWT
signed sessions - Supports
Fernet
encrypted sessions
- python >= 3.9
asgi-sessions should be installed using pip:
pip install asgi-sessions
To install optional JWT
, Fernet
support:
pip install asgi-sessions[jwt] pip install asgi-sessions[fernet]
Common ASGI applications:
from asgi_sessions import SessionMiddleware
async def my_app(scope, receive, send):
"""Read session and get the current user data from it or from request query."""
# The middleware puts a session into scope['session]
session = scope['session']
status, headers = 200, []
if scope['query_string']:
# Store any information inside the session
session['user'] = scope['query_string'].decode()
status, headers = 307, [(b"location", b"/")]
# Read a stored info from the session
user = (session.get('user') or 'anonymous').title().encode()
await send({"type": "http.response.start", "status": status, "headers": headers})
await send({"type": "http.response.body", "body": b"Hello %s" % user})
app = SessionMiddleware(my_app, session_type='jwt', secret_key="sessions-secret")
# http GET / -> Hello Anonymous
# http GET /?tom -> Hello Tom
# http GET / -> Hello Tom
As ASGI-Tools Internal middleware
from asgi_tools import App
from asgi_sessions import SessionMiddleware
app = App()
app.middleware(SessionMiddleware.setup(session_type='jwt', secret_key='SESSION-SECRET'))
@app.route('/')
async def index(request):
user = request.session.get('user', 'Anonymous')
return 'Hello %s' % user.title()
@app.route('/login/{user}')
async def login(request):
request.session['user'] = request.path_params.get('user', 'Anonymous')
return 'Done'
@app.route('/logout')
async def logout(request, *args):
del request.session['user']
return 'Done'
# http GET / -> Hello Anonymous
# http GET /login/tom -> Done
# http GET / -> Hello Tom
# http GET /logout -> Done
# http GET / -> Hello Anonymous
from asgi_sessions import SessionMiddleware
app = SessionMiddleware(
# Your ASGI application
app,
# Session type (base64|jwt|fernet)
session_type="base64",
# Secret Key for the session (required for JWT/Fernet sessions)
secret_key=None,
# Cookie name to keep the session (optional)
cookie_name='session',
# Cookie max age (in seconds) (optional)
max_age=14 * 24 * 3600,
# Cookie samesite (optional) # Python 3.8+ only
samesite='lax',
# Cookie secure (https only) (optional)
secure=False,
)
If you have any suggestions, bug reports or annoyances please report them to the issue tracker at https://github.com/klen/asgi-sessions/issues
Development of the project happens at: https://github.com/klen/asgi-sessions
Licensed under a MIT license.