Italiano English
Locked History Actions


How sessions work in MoinMoin

Sessions in MoinMoin are implemented using the authentication framework, see HelpOnAuthentication for more details. By default, the function MoinMoin.auth.moin_session is contained in the config.auth list and is responsible for managing sessions. You can use it together with any other authentication method if you need sessions.

As a programmer, in order to use session variables, you can use request.session like a dict, values stored there are automatically saved and restored if a session is available.

Code using the session framework currently includes:

  • the superuser "change user" functionality, see HelpOnSuperUser

  • the visited pages trail

Anonymous sessions

Anonymous sessions are supported by including the MoinMoin.auth.moin_anon_session function into config.auth and setting config.anonymous_cookie_lifetime. Cookies for anonymous sessions expire after config.anonymous_cookie_lifetime hours (can be fractional), however, the expiry is not verified. Saved state is removed earliest an hour after the session cookie has expired.

Replacing moin_session

It is possible to replace moin_session in the auth configuration list. The new session handler should assign request.session based on a cookie or other information. The request.session object must be a dict-like object and it should implement session data expiry, cf. MoinMoin.auth.SessionData.

Session example code

Here's an example macro using the session code:

   1 # -*- coding: iso-8859-1 -*-
   3 """
   4     Tests session state.
   5 """
   7 Dependencies = ['time']
   9 def execute(macro, args):
  10     if 'test' in macro.request.session:
  11         return macro.formatter.text(macro.request.session['test'])
  12     import random
  13     value = random.randint(1, 100000)
  14     macro.request.session['test'] = value
  15     return macro.formatter.text("set to value %d" % value)