function get_user_session_key
Generates a user-specific session key by combining user ID and session ID when authentication is required, or returns just the session ID otherwise.
/tf/active/vicechatdev/docchat/app.py
84 - 97
simple
Purpose
This function creates a unique session identifier that can be scoped to a specific user when authentication is enabled. It's used in session management systems to differentiate between authenticated and anonymous sessions, allowing for user-specific session storage and retrieval. When REQUIRE_AUTH is enabled and a user_id is provided, it creates a composite key to ensure session data is isolated per user.
Source Code
def get_user_session_key(session_id, user_id=None):
"""
Get a user-specific session key.
Args:
session_id: The session ID
user_id: The user ID (from session['user']['user_id'])
Returns:
str: Combined key in format "user_id:session_id" or just session_id if no user
"""
if config.REQUIRE_AUTH and user_id:
return f"{user_id}:{session_id}"
return session_idParameters
| Name | Type | Default | Kind |
|---|---|---|---|
session_id |
- | - | positional_or_keyword |
user_id |
- | None | positional_or_keyword |
Parameter Details
session_id: The session identifier string. This is typically a unique identifier generated for each session (e.g., UUID). Required parameter that should always be provided.
user_id: Optional user identifier, typically retrieved from session['user']['user_id']. When provided along with config.REQUIRE_AUTH being True, it's prepended to the session_id to create a user-specific key. Defaults to None for anonymous sessions.
Return Value
Returns a string representing the session key. If config.REQUIRE_AUTH is True and user_id is provided, returns a composite key in the format 'user_id:session_id' (e.g., '12345:abc-def-ghi'). Otherwise, returns just the session_id string unchanged. The return value is used as a key for session storage lookups.
Dependencies
config
Required Imports
import config
Usage Example
import config
# Example 1: With authentication enabled and user_id provided
config.REQUIRE_AUTH = True
session_id = 'abc-123-def-456'
user_id = '12345'
key = get_user_session_key(session_id, user_id)
print(key) # Output: '12345:abc-123-def-456'
# Example 2: With authentication disabled
config.REQUIRE_AUTH = False
key = get_user_session_key(session_id, user_id)
print(key) # Output: 'abc-123-def-456'
# Example 3: No user_id provided (anonymous session)
config.REQUIRE_AUTH = True
key = get_user_session_key(session_id)
print(key) # Output: 'abc-123-def-456'
# Example 4: Typical usage in a Flask application
from flask import session
session_id = session.get('session_id')
user_id = session.get('user', {}).get('user_id')
session_key = get_user_session_key(session_id, user_id)Best Practices
- Always ensure config.REQUIRE_AUTH is properly set before calling this function to avoid unexpected behavior
- The user_id should be validated and sanitized before being passed to this function to prevent injection attacks
- Use this function consistently throughout your application for all session key generation to maintain uniform session management
- When using the returned key for storage lookups, ensure your storage system can handle the colon character in keys
- Consider the implications of changing config.REQUIRE_AUTH at runtime, as it may cause session key mismatches
- The function uses truthiness checks, so empty strings or 0 for user_id will be treated as falsy and ignored
Tags
Similar Components
AI-powered semantic similarity - components with related functionality:
-
function get_current_user_id 63.1% similar
-
function get_user_id 62.3% similar
-
function get_user_name 57.4% similar
-
function get_user_email 55.8% similar
-
function get_current_user 54.0% similar