在Redis上共享一个用于Django和Express.js应用程序的会话存储 [英] Sharing a session store on Redis for a Django and a Express.js Application
问题描述
我想用一些登录的用户创建一个Django应用程序。另一方面,由于我想要一些实时功能,我想使用一个Express.js应用程序。
I want to create a Django application with some logged-in users. On another side, since I want some real-time capabilities, I want to use an Express.js application.
现在,问题是,我不想要未经身份验证用户访问Express.js应用程序的数据。所以我必须在Express.js和Django应用程序之间共享一个会话存储。
Now, the problem is, I don't want unauthentified users to access Express.js application's datas. So I have to share a session store between the Express.js and the Django applications.
我以为使用Redis是个好主意,因为易失性的键是完美的这个适合,我已经使用Redis作为应用程序的另一部分。
I thought using Redis would be a good idea, since the volatile keys are perfect for this fit, and I already use Redis for another part of the application.
在Express.js应用程序中,我会有这样的代码:
On the Express.js application, I'd have this kind of code :
[...]
this.sessionStore = new RedisStore;
this.use(express.session({
// Private crypting key
secret: 'keyboard cat', // I'm worried about this for session sharing
store: this.sessionStore,
cookie: {
maxAge: 1800000
}
}))
[...]
rel =noreferrer> django-redis-session 应用程序。
On the Django side, I'd think of using the django-redis-session app.
那么这是一个好主意吗?不会有什么问题吗?特别是关于秘密密钥,我不知道他们会共享相同的会话。
So, is this a good idea? Won't there be any problem? Especially about the secret key, I'm not sure they will both share the same sessions.
推荐答案
你将不得不写一个Express或Django的自定义会话存储。默认情况下,Django(以及django-redis-sessions)将会话存储为腌制的Python对象。将会话快速存储为JSON字符串。 Express,with connect-redis,在redis中的密钥 sess:sessionId
下存储会话,而Django(不完全确定)似乎将它们存储在密钥的sessionId
。您可能可以使用django-redis-sessions作为基础,并覆盖 encode
, decode
, _get_session_key
, _set_session_key
或许还有其他几个。您还必须确保以相同的方式存储和加密Cookie。
You will have to write a custom session store for either Express or Django. Django, by default (as well as in django-redis-sessions) stores sessions as pickled Python objects. Express stores sessions as JSON strings. Express, with connect-redis, stores sessions under the key sess:sessionId
in redis, while Django (not totally sure about this) seems to store them under the key sessionId
. You might be able to use django-redis-sessions as a base, and override encode
, decode
, _get_session_key
, _set_session_key
and perhaps a few others. You would also have to make sure that cookies are stored and encrypted in the same way.
显然,为Express创建可以腌制的会话存储将变得更加困难并解开Python对象。
Obviously, it will be way harder to create a session store for Express that can pickle and unpickle Python objects.
这篇关于在Redis上共享一个用于Django和Express.js应用程序的会话存储的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!