You are not allowed to perform this action.

Clear message
Italiano English
Locked History Actions


How sessions work in MoinMoin

Sessions in MoinMoin are implemented using the authentication framework, see HelpOnAuthentication for more details. By default, the function MoinMoin.auth.moin_session is contained in the config.auth list and is responsible for managing sessions. You can use it together with any other authentication method if you need sessions.

As a programmer, in order to use session variables, you can use request.session like a dict, values stored there are automatically saved and restored if a session is available.

Code using the session framework currently includes:

  • the superuser "change user" functionality, see HelpOnSuperUser

  • the visited pages trail

Anonymous sessions

Anonymous sessions are supported by including the MoinMoin.auth.moin_anon_session function into config.auth and setting config.anonymous_cookie_lifetime. Cookies for anonymous sessions expire after config.anonymous_cookie_lifetime hours (can be fractional), however, the expiry is not verified. Saved state is removed earliest an hour after the session cookie has expired.

Replacing moin_session

It is possible to replace moin_session in the auth configuration list. The new session handler should assign request.session based on a cookie or other information. The request.session object must be a dict-like object and it should implement session data expiry, cf. MoinMoin.auth.SessionData.

Session example code

Here's an example macro using the session code:

   1 # -*- coding: iso-8859-1 -*-
   3 """
   4     Tests session state.
   5 """
   7 Dependencies = ['time']
   9 def execute(macro, args):
  10     if 'test' in macro.request.session:
  11         return macro.formatter.text(macro.request.session['test'])
  12     import random
  13     value = random.randint(1, 100000)
  14     macro.request.session['test'] = value
  15     return macro.formatter.text("set to value %d" % value)