The web.auth module use a web.seesion store named
'auth' to hold information about the current signed in user. This means we need to setup the web.seesion objects before we can access the information. See the web.session module for full details.
# Obtain a session store import web.session driver = web.session.driver('database', environment='testEnv', cursor=cursor) if not driver.completeSessionEnvironment(): driver.removeSessionEnvironment(ignoreErrors=True) driver.createSessionEnvironment() manager = web.session.manager(driver=driver) if not manager.load(): manager.create() store = manager.store('auth')
Once we have a valid session store we can create a
AuthSession object as follows:
authSessionManager = web.auth.session(store, expire=0, idle=10)
The web.auth.session() function takes a number of parameters and is documented at the end of this section. In particular expire is the maximum length of time a user can be signed in for. If this is 0 it means the user can be signed in indefinately (although practically the session from the web.session itself will not last forever). idle is the maximum length of time a user can be signed in for without visiting the site. Again a value of 0 means there is no limit.