SessionHandle

class gafaelfawr.session.SessionHandle(key: str = <factory>, secret: str = <factory>)

Bases: object

A handle for a session, usable instead of a JWT.

Notes

A session handle consists of two parts, a semi-public key that is used as the token jti claim and as the Redis key, and a secret that is only present in the token returned to the user and the encrypted session in Redis.

The serialized form of a session handle always starts with gsh-, short for Gafaelfawr session handle, to make it easier to identify these handles in logs.

The serialized form encodes the secret in URL-safe base64 with the padding stripped off (because equal signs can be parsed oddly in cookies).

Methods Summary

encode() Return the encoded session handle.
from_str(handle) Parse a serialized handle into a SessionHandle.

Methods Documentation

encode() → str

Return the encoded session handle.

classmethod from_str(handle: str) → gafaelfawr.session.SessionHandle

Parse a serialized handle into a SessionHandle.

Parameters: handle (str) – The serialized handle.
Returns: decoded_handle – The decoded SessionHandle.
Return type: SessionHandle
Raises: InvalidSessionHandleException – The provided string is not a valid session handle.
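
The serialized format described in the Notes, with strict parsing, a constant-time secret check and a log-safe form, as an added sketch that is not Gafaelfawr's own code. Assumptions not taken from this page: the `.` separator between key and secret, the 16-byte random values, base64 for the key as well as the secret, and the names `SketchHandle`, `InvalidHandle`, `secret_matches` and `for_log`.

```python
import base64
import hmac
import os
import re
from dataclasses import dataclass, field

PREFIX = "gsh-"  # from the page: serialized handles always start with gsh-
SEP = "."        # assumption: the page does not name the key/secret separator

class InvalidHandle(ValueError):
    """Hypothetical stand-in for InvalidSessionHandleException."""

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")  # padding stripped

def _unb64(text: str) -> bytes:
    # Accept only the unpadded URL-safe alphabet, then restore the padding.
    if not re.fullmatch(r"[A-Za-z0-9_-]+", text):
        raise InvalidHandle("secret is not unpadded URL-safe base64")
    try:
        return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
    except ValueError as exc:
        raise InvalidHandle("secret has an invalid length") from exc

@dataclass(frozen=True)
class SketchHandle:
    # Assumption: both parts are 128 random bits from the OS CSPRNG.
    key: str = field(default_factory=lambda: _b64(os.urandom(16)))
    secret: str = field(default_factory=lambda: _b64(os.urandom(16)))

    def encode(self) -> str:
        return f"{PREFIX}{self.key}{SEP}{self.secret}"

    @classmethod
    def from_str(cls, handle: str) -> "SketchHandle":
        if not handle.startswith(PREFIX):
            raise InvalidHandle("missing gsh- prefix")
        key, sep, secret = handle[len(PREFIX):].partition(SEP)
        if not (sep and key and secret):
            raise InvalidHandle("expected a key and a secret")
        _unb64(secret)  # raises InvalidHandle on a malformed secret
        return cls(key=key, secret=secret)

    def secret_matches(self, stored_secret: str) -> bool:
        # Constant-time comparison with the secret held in the stored session.
        return hmac.compare_digest(self.secret.encode(), stored_secret.encode())

    def for_log(self) -> str:
        return f"{PREFIX}{self.key}"  # semi-public key only, never the secret
```
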