HTTPS clone URL
Subversion checkout URL
dound edited this page · 31 revisions
- The readme explains how to install and use gae-sessions.
- See how it compares to other session libraries.
- View the documentation.
- The library is tested with significant functionality tests (test coverage data).
- If you have questions or need help, try posting to the gae-sessions group at firstname.lastname@example.org or visiting the google group webpage.
- Add support for expiring cookie sessions when the browser closes.
- Add the Vary header when appropriate (enables users to also use Django cache middleware).
- Thanks to Elias Naur for providing the patch for both of the above improvements.
- gae-sessions is now thread-safe.
- Thanks to Sylvain for suggesting this.
- Corrupt session data is now handled more gracefully.
- Thanks to Chris for suggesting a patch to accomplish this.
- Thanks to Calvin for the initial implementation of this method.
- memcache keys associated with sessions now expire when the associated session expires.
- In the past, they would remain until memcache evicted them.
- Thanks to Anton for reporting this issue.
Issue #10/ Add new option which instructs the client to only send session cookies over a secure channel.
- Thanks to msmart for suggesting this.
Issue #8/ GAE 1.3.6 compatibility: explicitly specify namespace for all datastore/memcache operations.
- Thanks to owebeeone for suggesting this.
- This ensures session data is always stored and retrieved from the same namespace.
- Compatibility fix: Internet Explorer no longer discards gae-sessions cookies when the browser is closed.
- Apparently, IE requires cookie expirations to be specified in GMT (v1.02 specified them in PST).
- Security improvement: gae-sessions’ cookies now specify
- Bug fix: The sessions cleanup method would fail if there were >500 expired sessions.
DjangoSessionMiddleware– enable Django users to use gae-sessions.
- Secure cookies are now used for small sessions. This is 10-100x faster!
- This feature may disabled by passing
- This feature may disabled by passing
- Pickle format v2 is now used. This improves performance a bit.
- Added significant tests to automatically verify correctness as best as possible.
- Expiration times are now specified as UNIX timestamps (instead of datetime objects).
memcache_onlyoption is now called
- Several other minor code improvements.
- Added a
memcache_onlyoption (defaults to False).
SessionMiddleware.__init__()now takes configuration parameters (see the readme for details).
- In the past, you had to edit the source to change the configuration.
- Performance fix: if
set_quick()was called multiple times, data might be persisted to the datastore unnecessarily.
regenerate_id()and documented it in the readme.
- Fixed a regression in v0.7 which caused old session data to be deleted when changing session IDs.
set_quick()now starts a new session if one isn’t currently active – just like
- Documentation strings have been improved
- Support has been added for generating documentation via sphinx.
- Session data is now lazily loaded. If you don’t read/write it, no overhead is added.
- Expiration date handling has been improved.
- Starting in v0.5, expiration time is in the sid, so there is no need to also store it in the session data.
clear()method to Session.
- Cleanly handle bogus cookies which specify session ID to be the empty string.
- Session data can now be retrieved manually (via session ID).
Issue #2: added support for cleaning up expired sessions from the datastore.
- Thanks to Amir Shimoni for suggesting this
- Added a demo cronjob which uses the provided cleanup function to remove expired sessions daily.
- Fix regression in v0.04 which caused the datastore to never be used (oops).
- Added support for “quick” methods which only save changes to memcache (avoiding a datastore put).
- Added a new demo which uses Google Accounts for authentication.
- The original demo now works regardless of what port the development server is running on.
- Cleanly handle any
db.delete()failure (could occur if the datastore goes into read-only mode, etc.)
Issue #1: A license is now specified (Apache License v2).
- Initial Beta Release