[mod_python] Sessions + Publisher

Todd Boland itodd at itodd.org
Tue Sep 21 21:12:06 EDT 2004 

Hello again!

In my experiences as a web developer (I'm coming from a Perl/Mason 
environment), I've found that the convenience of "transparently" 
generating sessions outweighs the performance hit.

I'm trying to implement sessions "transparently" using 2 handlers for 
every request. The first handler makes sure a session is set, if it was 
just created, it will forward the browser to a login page (like the 
documentation suggests). More code that checks session ids against 
values in the database to authenticate users will eventually be added.

By the time a request gets to the second handler (the Publisher 
handler), sessions have preemptively been taken care of (it's totally 
"transparent").

The problem I'm having is: I end up in an infinite redirect loop:

The session handler:

from mod_python import apache, util
from mod_python.Session import Session
from RPM.common import web_root

def handler(req):
         session = Session(req, secret='********')

         # if the session is new, they need to log in
         if session.is_new():

                 # Using util's redirect will set the cookie
                 util.redirect(req, web_root('index.py/login?url=%s' % 
req.uri))

	# TODO: Make sure sid is logged in

	# Hand off to Publisher handler by returning 200 OK
         return apache.OK

session.is_new() always returns 1 even after the session cookie is set 
(after the redirect). Any ideas or nudges in the right direction would 
greatly be appreciated. Thanks!

-- 
Todd

More information about the Mod_python mailing list