Skip to content
Session and Auth module for the Aspen Web Framework
Find file
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


This module contains some standard web framework functionality intended to integrate with the Aspen web framework. Aspen does not currently include these features, so I've created basic implementations of them:

  • Sessions
  • Authentication
  • simple redirect class

The session and auth implementations use mongo_engine for storage. To use them, ensure trembling is on your path and make your Aspen hooks.conf look something like this:

# Startup Hooks

# Inbound Early Hooks

# Inbound Late Hooks

# Outbound Early hooks

# Outbound Late Hooks

# Shutdown Hooks

This assumes your project has a .aspen/ (you can change the startup hook if you prefer a different filename) to configure the database. At a bare minimum it'll look something like this:

from mongoengine import connect

def startup(website):
    website.db = connect("MY_DB_NAME")


There is a trembling.auth.User mongoengine document that you can use to access user data. The auth module also contains login and logout methods. Call them from your simplate with login(request, username, password) and logout(request).

For an example of how these modules can be used in practice, see Todoy


If you want to redirect, raise the trembling.Redirect("url") response. It's a thin wrapper around Response .


Testing requires py.test, and optionally, for code coverage, and pytest-cov. I have the following in my .bashrc:

py.test --cov=. --cov-report=html --cov-config=coveragerc


I'd like to remove the dependency on mongoengine by creating a pluggable session backend engine as is used in Django.

I'm not sure how secure this code is. I took and Django as input, but I've only implemented the bare minimum.

Pull requests are always welcome!

Something went wrong with that request. Please try again.