All geek questions in one place

Redis Session Storage for Django and Express.js Sharing

I want to create a Django application with some registered users. On the other hand, since I need some features in real time, I want to use the Express.js application.

Now the problem is that I do not want users without authorization to access Express.js applications. So I need to split session storage between Express.js and Django applications.

I thought using Redis would be a good idea, since volatile keys are perfect for this fit, and I'm already using Redis for another part of the application.

In the Express.js application, I will have this code:

[...] this.sessionStore = new RedisStore; this.use(express.session({ // Private crypting key secret: 'keyboard cat', // I'm worried about this for session sharing store: this.sessionStore, cookie: { maxAge: 1800000 } })) [...]

On the Django side, I would consider using django-redis-session .

So is this a good idea? There will be no problems? Especially about the secret key, I'm not sure that both of them will participate in the same sessions.

+6
source share
1 answer

You will need to write your own session store for Express or Django. Django by default (as well as in django-redis-session) stores sessions as pickled Python objects. Express stores sessions as JSON strings. Express, with a-redis connection, stores sessions under the sess:sessionId key in redis, while Django (not quite sure about this) seems to save them under the sessionId key. Perhaps you can use django-redis-sessions as a base and override encode , decode , _get_session_key , _set_session_key and possibly a few others. You will also need to make sure that cookies are stored and encrypted in the same way.

Obviously, it will be harder to create a session repository for Express that can sort and decompress Python objects.

+3
source

Source: https://habr.com/ru/post/909052/

More articles:


All Articles