[英]Flask session not persistent across requests in Flask app with Gunicorn on Heroku
I'm running a Flask application with Gunicorn as a web server.我正在使用 Gunicorn 作为 web 服务器运行 Flask 应用程序。 The whole project is deployed to Heroku.
整个项目部署到Heroku。
Procfile简介
web: gunicorn app:app --log-file=-
Flask sessions are implemented server side, only a session id is stored in the flask.session
object. Whenever I'm trying to do a login, I get logged in correctly at first, but then get redirected to the starting site (which should be the user site). Flask 会话在服务器端实现,只有 session id 存储在
flask.session
object 中。每当我尝试登录时,我首先正确登录,但随后被重定向到起始站点(应该是用户地点)。
LoginController.py登录控制器.py
def login(form) :
User.session.set(User.getByLogin(form))
if User.session.exists() :
return redirect(Urls.home)
return redirect(Urls.login)
The log shows that User.session.exists()
returns True
but in the next method (during the redirect)...日志显示
User.session.exists()
返回True
但在下一个方法中(在重定向期间)......
HomeController.py家庭控制器.py
def view() :
if User.session.exists() :
return CourseController.view()
return render_template("home.html")
...the same method returns False
. ...相同的方法返回
False
。
User.session object用户.session object
def exists(self) :
key = session.get("user_key")
user = self.users.get(key)
Log.debug("session::exists", user = user)
return user is not None
In all following requests the user is randomly logged in or not.在以下所有请求中,用户随机登录或不登录。
What can be the reason for this?这可能是什么原因? I heard that a too large
session
object can result in data loss, but I'm only storing integers in it.我听说太大的
session
object 会导致数据丢失,但我只在其中存储整数。
Looks like there were two problems: 看起来有两个问题:
app.secret_key
shouldn't be set to os.urandom(24)
because every worker will have another secret key app.secret_key
不应设置为os.urandom(24)
因为每个worker都有另一个密钥 Storing the sessions in a database instead a dictionary at runtime solves the problem. 在运行时将会话存储在数据库中而不是字典中可以解决问题。
I had a similar issue, but for me the answer was related to the cookies. 我有类似的问题,但对我来说答案与饼干有关。 A new session was being created when I opened my development environment, then another one when going to google, and a new one after a successful log in.
当我打开我的开发环境时,正在创建一个新会话,然后在google时创建另一个会话,并在成功登录后创建一个新会话。
The problem was that my SESSION_COOKIE_DOMAIN was incorrect, and the cookie domain was being set to a different host. 问题是我的SESSION_COOKIE_DOMAIN不正确,并且cookie域被设置为不同的主机。 For my local development purposes I set SESSION_COOKIE_DOMAIN = '127.0.0.1', and use http://127.0.0.1 : to access it, and it works OK now.
为了我的本地开发目的,我设置了SESSION_COOKIE_DOMAIN ='127.0.0.1',并使用http://127.0.0.1 :来访问它,它现在正常工作。
I had the same issue, while working locally worked, but on the server nothing did.我有同样的问题,在本地工作时工作,但在服务器上没有任何作用。
Found out when I changed 'app.secret_key' from a "my_secret_key" to os.urandom(24) with one my test user Was always in the session, with the other was never set in the session. reading several pages i did try adding a name to the cookie当我将“app.secret_key”从“my_secret_key”更改为os.urandom(24)时发现我的测试用户始终在 session 中,而另一个从未在 session 中设置。阅读几页我确实尝试添加cookie 的名称
app.config['SECRET_KEY'] = os.urandom(24)
# this is important or wont work
app.config['SESSION_COOKIE_NAME'] = "my_session"
now it works as is expected and i can log in, go to other webpages, and log out will remove the keys from the session.现在它按预期工作,我可以登录 go 到其他网页,注销将从 session 中删除密钥。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.