[mod_python] mod_python session trouble

Jim Gallacher jg.lists at sympatico.ca
Tue May 10 09:56:33 EDT 2005

Graham Dumpleton wrote:
> On 10/05/2005, at 8:33 PM, Wouter van Marle wrote:
>>  Update on my own message:
>>  I have changed the structure a bit, sess has now become req.session, 
>> so I can pass around the session together with the request object easily.
>>  The locking problem has been solved by calling req.session.unlock() 
>> every time after saving the session, however this causes the server to 
>> start a new session for each request, and that's not the idea, as then 
>> info gets lost.

As Graham points out, you shouldn't need to do any unlocking, and even 
if you do it should not cause the loss of data. The session will be 
automatically unlocked during request cleanup phase. Just make sure you 
call sess.save() before the end of your request as saving is not 
automatic. The other way you may get a new session for each request is 
if you start writing the response before the session is created. The 
session must be able to set a cookie in the response sent to the 
browser, and this is not possible if you've already started to send your 

>>  Also I've noticed that writing and reading back of cookies does not 
>> work properly. I'm trying to write a cookie, and when reading it back 
>> in case of a new session I get the old data again. But that's for 
>> another question.

I'm a little unclear why you are reading and writing the cookies, 
assuming you mean the session cookie. When a session is created, the 
request is checked for the existence of a cookie called pysid. If this 
cookie is found it's value is used to load the corresponding session 
data from some persistent store (most likely a dbm hash table for your 
system) into the created session instance. If there is no session cookie 
in the request then a session is created with a new session id and a new 
cookie is set in the response header.

> I saving session in "req" anyway, do this:
>>  def home(req):
>>      sess = Session.Session(req)
>>      if sess.is_new():
>>          # get settings from cookies (using Cookie)

This may be where you are confused. As explained above, cookie handling 
is done when the session object is instantiated. What you really want 
here is some session initialization. For example.

         if sess.is_new():
             sess['hits'] = 0
             sess['hits'] = sess['hits'] + 1

>>      # page built up, using sess["language"] for the language setting.
>>      sess.save()
>>      return apache.OK
> def home(req):
>     if not hasattr(req,"session"):
>       req.session = Session.Session(req)
>     if req.session.is_new():
>       ...
>     ...
>     req.session.save()
>     return apache.OK
>>  def english(req)
>>      sess = Session.Session(req)
>>      sess["language"] = "en"
>>      sess.save()
>>      home(req) # to redraw the main page
> def english(req):
>     if not hasattr(req,"session"):
>       req.session = Session.Session(req)
>     req.session["language"] = "en"
>     return home(req)
> Shouldn't need to unlock session then and same session object used.
> Graham


More information about the Mod_python mailing list