Add server side session using Flask-Session

In Flask, session data are stored in a cookie by default. Using a server side session, there is no risk of putting too much data in the session and transmissting a big cookie on every request (only an id is sent in the cookie). Redis is used as backend (without persistent storage).

Add server side session using Flask-Session
In Flask, session data are stored in a cookie by default. Using a server side session, there is no risk of putting too much data in the session and transmissting a big cookie on every request (only an id is sent in the cookie). Redis is used as backend (without persistent storage).
d5d3530a · Benjamin Bertrand · f5604193 · d5d3530a · d5d3530a · d5d3530a
Commit d5d3530a authored 7 years ago by Benjamin Bertrand
--- a/Makefile
+++ b/Makefile
@@ -25,6 +25,7 @@ push: ## push the latest and git tag image
 clean: ## remove the image with git tag and the test database
 	-docker rmi $(OWNER)/$(IMAGE):$(GIT_TAG)
 	-docker rm -f csentry_postgres
+	-docker rm -f csentry_redis

 refresh: ## pull the latest image from Docker Hub
 # skip if error: image might not be on dockerhub yet
@@ -36,8 +37,8 @@ release: refresh \
 	push
 release: ## build, tag, and push all stacks

-db: ## start postgres for development
-	docker-compose up -d postgres
+db: ## start postgres and redis for development
+	docker-compose up -d postgres redis

 initdb: ## initialize the dev database
 	docker-compose run --rm web flask initdb
@@ -45,9 +46,9 @@ initdb: ## initialize the dev database
 test:  ## run the tests (on current directory)
 	docker-compose run --rm web pytest --cov=app -v

-db_image: ## start postgres to test the latest image
+db_image: ## start postgres and redis to test the latest image
 # Pass docker-compose.yml to skip docker-compose.override.yml
-	docker-compose -f docker-compose.yml up -d postgres
+	docker-compose -f docker-compose.yml up -d postgres redis

 test_image:  ## run the tests (on the latest image)
 # Pass docker-compose.yml to skip docker-compose.override.yml

--- a/app/extensions.py
+++ b/app/extensions.py
@@ -19,6 +19,8 @@ from flask_admin import Admin
 from flask_mail import Mail
 from flask_jwt_extended import JWTManager
 from flask_debugtoolbar import DebugToolbarExtension
+from flask_redis import FlaskRedis
+from flask_session import Session


 convention = {
@@ -39,3 +41,5 @@ admin = Admin(template_mode='bootstrap3')
 mail = Mail()
 jwt = JWTManager()
 toolbar = DebugToolbarExtension()
+redis_store = FlaskRedis()
+fsession = Session()
--- a/app/factory.py
+++ b/app/factory.py
@@ -13,7 +13,8 @@ import sqlalchemy as sa
 from flask import Flask
 from whitenoise import WhiteNoise
 from . import settings, models
-from .extensions import db, migrate, login_manager, ldap_manager, bootstrap, admin, mail, jwt, toolbar
+from .extensions import (db, migrate, login_manager, ldap_manager, bootstrap,
+                         admin, mail, jwt, toolbar, redis_store, fsession)
 from .admin.views import (AdminModelView, ItemAdmin, UserAdmin, GroupAdmin, TokenAdmin,
                          NetworkAdmin)
 from .inventory.views import bp as inventory
@@ -92,6 +93,9 @@ def create_app(config=None):
    mail.init_app(app)
    jwt.init_app(app)
    toolbar.init_app(app)
+    redis_store.init_app(app)
+    app.config['SESSION_REDIS'] = redis_store
+    fsession.init_app(app)

    admin.init_app(app)
    admin.add_view(GroupAdmin(models.Group, db.session))

--- a/app/settings.py
+++ b/app/settings.py
@@ -26,6 +26,9 @@ JWT_BLACKLIST_ENABLED = True
 JWT_BLACKLIST_TOKEN_CHECKS = ['access', 'refresh']
 JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=12)

+SESSION_TYPE = 'redis'
+REDIS_URL = 'redis://redis:6379/0'
+
 LDAP_HOST = 'esss.lu.se'
 LDAP_BASE_DN = 'DC=esss,DC=lu,DC=se'
 LDAP_USER_DN = 'OU=ESS Users'

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,6 +6,7 @@ services:
    command: pytest --cov=app -v
    depends_on:
      - postgres
+      - redis
  postgres:
    image: postgres:10
    container_name: csentry_postgres
@@ -18,3 +19,6 @@ services:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: ${POSTGRES_DB}
      PGDATA: /var/lib/postgresql/data/pgdata
+  redis:
+    image: redis:4.0
+    container_name: csentry_redis
--- a/environment.yml
+++ b/environment.yml
@@ -57,6 +57,7 @@ dependencies:
 - python-editor=1.0.3=py36_0
 - qrcode=5.3=py36_0
 - readline=6.2=0
+- redis-py=2.10.6=py_0
 - setuptools=36.7.2=py36_0
 - six=1.11.0=py36_1
 - sqlalchemy=1.1.13=py36_0
@@ -74,6 +75,8 @@ dependencies:
  - email-validator==1.0.2
  - git+https://github.com/beenje/flask-bootstrap@4.0.0-beta.1.dev1
  - flask-ldap3-login==0.9.13
+  - flask-redis==0.3.0
+  - flask-session==0.3.1
  - inflection==0.3.1
  - pytest-factoryboy==1.3.1
  - sqlalchemy-citext==1.3.post0