[Web-SIG] How to make REMOTE_USER variable private across WSGI middlewares?
Etienne Robillard
tkadm30 at yandex.com
Tue Oct 11 18:47:32 EDT 2016
Here's the source code:
https://bitbucket.org/tkadm30/django-hotsauce/src/6a862e22e045cb10a84f3b08e4c237ed592ecec7/lib/notmm/controllers/wsgi.pyx
A live demo is here: http://www.isotopesoftware.ca/
The problem is in the init_request method.
The current implementation uses threading.local.
I have no idea how to make the WSGI environ object a thread-local in
case the remote user has been logged in.
Any input would be greatly appreciated.
Regards,
Etienne
Le 2016-10-10 à 10:30, Etienne Robillard a écrit :
> Hi,
>
> I'm attempting to develop a OAuth 2.0 authentication middleware which
> sets REMOTE_USER variable into the WSGI environ object, however I'm
> unable to make this variable unique for the logged user.
>
> Is it recommended to use threading.local or gevent to make the WSGI
> environment persisting on a per-request basis ?
>
> What others options can you advise to make private request data not
> accessible in WSGI ?
>
> Thanks in advance,
>
> Etienne
>
>
--
Etienne Robillard
tkadm30 at yandex.com
http://www.isotopesoftware.ca/
More information about the Web-SIG
mailing list