All geek questions in one place

Is it possible to create different session timeout lengths for different users in Python Flask?

I have an Angular / Flask web application and am trying to create an admin page that will be accessed by a specific url like "/ admin_page". This page will require additional authentication, and you must complete a session timeout that is less than the wait time for all other users .

However, I get the impression that all sessions are generated from the same variable in my flash application, which I configure as such:

app.permanent_session_lifetime = timedelta(seconds=int)

So my question is: is there a way to change the session timeout length for certain users without affecting the duration of the session timeouts of other users?

i.e. If in my route handler for /admin_page I temporarily change the value of app.permanent_session_lifetime , create a user session, and then restore the variable to its original value, will there be any modified session values ​​that were created earlier?

+5
source share
2 answers

Oh sure!

1) if you want this to be a URL-based lifecycle session:

for each view add your configuration line:

 app.permanent_session_lifetime = timedelta(seconds=int)

or

 app.config['PERMANENT_SESSION_LIFETIME'] = <intended_value_in_seconds>

2) if it is intended for each user:

I recommend creating groups and assigning a specific configuration to each group so that you can simply invoke the configuration when necessary.

 def group_session(self, group): if group_session == 'visitors': return app.config['PERMANENT_SESSION_LIFETIME'] == <intended_value_in_seconds> if group_session == 'admin': return app.config['PERMANENT_SESSION_LIFETIME'] == <intended_value_in_seconds> return app.config['PERMANENT_SESSION_LIFETIME']

3), if you prefer the lifetime of a user session, then:

 if user == <chosen_name>: app.config['PERMANENT_SESSION_LIFETIME'] == <intended_value_in_seconds>

Hope this helps!

0
source

A subclass of SecureCookieSessionInterface is the override get_expiration_time () method, where yo can set the session end time for individual sessions.

0
source

Source: https://habr.com/ru/post/1266384/

More articles:


All Articles