[Web-SIG] How to make REMOTE_USER variable private across WSGI middlewares?
Etienne Robillard
tkadm30 at yandex.com
Thu Aug 10 06:25:00 EDT 2017
Hi,
A little update on this issue. I switched to werkzeug/gevent for storing
the http request in a thread-local object. I also use a contextmanager
to set the current request for a thread. However, since the value of
REMOTE_USER is set from a WSGI middleware, it doesn't persist into my
thread-local request object.
Here's my code:
@contextmanager
def sessionmanager(environ):
_requests.request = RequestClass(environ)
yield
_requests.request = None
def get_current_request():
try:
return _requests.request
except AttributeError:
raise TypeError("No request object for this thread")
request = LocalProxy(lambda: get_current_request())
[...]
def application(self, environ, start_response):
self._session.environ.update(environ)
with sessionmanager(self._session.environ):
response = self.get_response(request=request)
try:
return response(self._session.environ, start_response)
finally:
_requests.request = None
#self._session.environ.clear()
Any suggestions how to improve this code to allow the value of
REMOTE_USER to persist if and only if the user has been authenticated ?
Thank you in advance,
Etienne
Le 2016-10-12 à 05:42, Etienne Robillard a écrit :
> I believe the OAuth2 middleware and client is functioning correctly
> and is setting the REMOTE_USER value as expected. But I guess the
> problem is because I recreate a new WebOb request object before
> returning a WSGI response. Also, I need to update the WSGI environment
> for each request in order to preserve the value of REMOTE_USER.
> However, i don't know if it's logical to recreate a WSGI request every
> time. Perhaps the solution would be to use a global request object...
>
--
Etienne Robillard
tkadm30 at yandex.com
http://www.isotopesoftware.ca/
More information about the Web-SIG
mailing list