Tornado Sessions with Redis!

So, first let me say... I love Tornado.  Love it.  It's simple, it's easy, it's asynchronous and non-blocking! What's not to love? For me, I particularly have a fondness for

7 years ago

Latest Post Full-Stack Kubernetes Monitoring by Mike Moore public

So, first let me say... I love Tornado.  Love it.  It's simple, it's easy, it's asynchronous and non-blocking! What's not to love?

For me, I particularly have a fondness for Redis and using it for reliable web session storage and access.  Whether you love it or hate it, I could care less, but I personally like it and it suits my needs quite well for most projects.

So taking these two technologies and using the awesome power of Tornado, and the great "No-SQL" (p.s. "No-SQL" is a stupid term) Redis and merging the two sounded like a pretty great idea.  There remains only one problem.... Tornado really doesn't have a great native session handler!  So I said to myself... Go forth and build Mike! And that leads us here to our file:

    import cPickle as pickle
    import pickle
from uuid import uuid4
import time

class RedisSessionStore:
    def __init__(self, redis_connection, **options):
        self.options = {
            'key_prefix': 'session',
            'expire': 5184000,
        self.redis = redis_connection

    def prefixed(self, sid):
        return '%s:%s' % (self.options['key_prefix'], sid)

    def generate_sid(self, ):
        return uuid4().get_hex()

    def get_session(self, sid, name):
        data = self.redis.hget(self.prefixed(sid), name)
        session = pickle.loads(data) if data else dict()
        return session

    def set_session(self, sid, session_data, name):
        expiry = self.options['expire']
        self.redis.hset(self.prefixed(sid), name, pickle.dumps(session_data))
        if expiry:
            self.redis.expire(self.prefixed(sid), expiry)

    def delete_session(self, sid):

class Session:
    def __init__(self, session_store, sessionid=None):
        self._store = session_store
        self._sessionid = sessionid if sessionid else self._store.generate_sid()
        self._sessiondata = self._store.get_session(self._sessionid, 'data')
        self.dirty = False

    def clear(self):

    def access(self, remote_ip):
        access_info = {'remote_ip':remote_ip, 'time':'%.6f' % time.time()}

    def last_access(self):
        access_info = self._store.get_session(self._sessionid, 'last_access')
        return pickle.loads(access_info)

    def sessionid(self):
        return self._sessionid

    def __getitem__(self, key):
        return self._sessiondata[key]

    def __setitem__(self, key, value):
        self._sessiondata[key] = value

    def __delitem__(self, key):
        del self._sessiondata[key]

    def __len__(self):
        return len(self._sessiondata)

    def __contains__(self, key):
        return key in self._sessiondata

    def __iter__(self):
        for key in self._sessiondata:
            yield key

    def __repr__(self):
        return self._sessiondata.__repr__()

    def __del__(self):
        if self.dirty:

    def _dirty(self):
        self.dirty = True

    def _save(self):
        self._store.set_session(self._sessionid, self._sessiondata, 'data')
        self.dirty = False

This simple file is handy dandy for inclusion into your tornado project!  Let's take a look at what may be in your main app .py file:

from session import Session

# Our base handler
class BaseHandler(tornado.web.RequestHandler):
    def __init__(self,application, request,**kwargs):

    def get_current_user(self):
        return self.session['user'] if self.session and 'user' in self.session else None

    def session(self):
        sessionid = self.get_secure_cookie(<< YOUR AUTH COOKIE NAME >>,None)
        if sessionid:
            return Session(self.application.session_store, sessionid)
            sess = Session(self.application.session_store, None)
            self.set_secure_cookie(<< YOUR AUTH COOKIE NAME >>,sess.sessionid)
            return sess

Now, this particular example only works with a local redis server... However, you can always pass new connection parameters in to connect to a remote store or cluster.

This is a quick draft with some future editing in mind, but should you find any errors, let me know and I'll make sure to update appropriately! Enjoy!

Mike Moore

Published 7 years ago