Hi,
I have a dash plotly application that needs to read the session from django app if the user has successfully logged into session. I store the session of the django app in Redis. I cannot seem to find any way to read the sessions at flask application. How do I do this?
What specifically is the issue or problem that you’re having with this?
Side note: In general, this isn’t going to be a good idea. At a minimum, you’re going to need to import some parts of Django to be able to decode the data stored within the session - see How to use sessions | Django documentation | Django for the details on that. It would be a lot better if you stored the data that needs to be shared directly in a serialized format in Redis. Additionally, you’ll need to pass the Django session id over to flask - which if you’re going to do that, you might as well pass a custom Redis key for that shared location.
Hi Ken,
Does that mean I can create a custom class just like in \django\contrib\sessions\backends\cache.py, inherit the class SessionStore from cache.py and create my own encode and decode function, and also other function which I think I should modify like def _get_new_session_key?
You could, but I don’t think I’d go in that direction. Right off-hand, that seems like a lot more work than necessary.
If I had to do this, I’d look at this more holistically. I’d first be looking at this as a sequence of events. (There are a lot of questions that I would be asking about the “system-as-a-whole” when trying to develop a solution. What’s going to happen on the Django side to cause it to want to share data with Flask? At how many different points in the code does this transfer of information need to occur? Can the code for that be refactored out to a common connection point? Is this communications layer between them one-way or two-way? What are the other architectural or environmental factors involved?)
If I still decided that using Redis as the common data store is the way to go, then I’d most likely just use the Redis API to directly store data in a pre-identified set of keys. Flask can then read those keys on an as-needed bases.
However, I’m probably more likely to define an API endpoint in the Flask app, and allow Django to directly send the data to Flask through that API, but that depends upon the degree of control that I have over both sides of that communication channel.
Hi Ken,
My django website is like the central hub for all our flask applications. We iframe the flask app within the pages in django.
Currently user need to authenticate at django, we will check if they have a list of access required as a whole.
If the user is able to access the homepage of django, he will then browse to other pages to view the iframed flask apps. The thing is now these flask app has to do another round of authentication.
Basically, flask A , B, C, D, etc shares the same Azure authentication, just different access roles. I would like to eliminate the authentication part of all flask apps IF found the django authentication details of the user.
Flask will only perform read-only from django information and not vice verse. django does not have to read anything from these flask apps.
I hope I am clear of my intention, you mentioned to use Redis API? Does that mean I do not use django’s session for flask to read? But how do I do that? I think I know where to perform the code, is in my middleware right after obtain user information. So once I got the user information, I can store some data that I will define into a new key for every flask app to read?
This clears it up a bit. You’re not transferring data, you’re trying to delegate authentication.
So yes, I can see where forwarding the session id cookie to the iframe would actually be a worthwhile idea. Your JavaScript being loaded by the Django page will need to read the cookie and pass it to the iframe request - probably either as a url parameter or a query parameter.
Your flash app can then use the Redis api to retrieve the string from the redis key identified by the session id value, and use the Django decode functions to get the data from it.
Or, to avoid needing to use Django’s decode functions you can create your own redis key also based on the session id and write the necessary data to that key. I wouldn’t write middleware for this, I’d write the session id from the view where the person logs in. (There’s no need to do this in more than one place or more than one time, provided you use a suitably-long expiration value for that key.)
See the docs at Python guide | Redis for accessing Redis directly from your Python code.
Hi Ken,
Is it from this lib django\contrib\sessions\backends\base.py, I need to replicate the decode function into my flask if I were to grab django’s session key?
Yes, that looks like the right code.
I have 1 more question. If I were to decide to create another session key in redis, how do I call the same class that I have initiated in Django? Can’t seem to find any documents about it.
Is it this class?
RedisCacheClient
CACHES = {
“default”: {
“BACKEND”: “django.core.cache.backends.redis.RedisCache”,
“LOCATION”: “redis://{}:{}”.format(os.getenv(‘REDIS_URL’), os.getenv(‘REDIS_PORT’)),
}
}
