nimforum mirror - How to keep an authorized connection session?

Garry_Galler (orginal) [2016-08-31T20:21:53+02:00] view original

My program uses httpbasic authorization and for each request pages from the same site every time they repeatedly send the same headers c pair of login: password. Is it possible to save the login session, and do not send headers "Authorization: Basic" & autentificate & "c L" over and over again? This code is used in the loop for pages:

proc requestpage(url: string,
                 headers: string,
                 timeout: int
                 ) : tuple[resp: Response,err: string,ok:bool] =
  
  var
    resp: Response
    err: string = ""
    ok:  bool   = false
  
  try:
    resp = httpclient.get(url,headers,timeout)
    ok = resp.status == "200 OK"
  except:
    err = getCurrentExceptionMsg()
    tee("Error:" & err,[logFile,""],fg=fgYellow)
  return (resp,err,ok)

OderWat (orginal) [2016-08-31T22:49:35+02:00] view original

There is nothing like a "login/session" with basic-auth. It is just how it works.

Garry_Galler (orginal) [2016-08-31T23:46:18+02:00] view original

I'm sorry, OderWat, but I misunderstood your answer.:-) I reframe the question: is there a means to support Nim http session, such as the module Grab (python), where the authorization session is maintained automatically, and the user need only once to make login to access the site? Or this functionality in Nim is a question for future developments?

Garry_Galler (orginal) [2016-09-01T00:02:11+02:00] view original

...OK. I think, understand what you mean.:-)At http\basic authorization does not create any of this session, it directly mimics the browser itself, sending all the authentication information hidden from the user. Question by basic authorization withdrawn.

OderWat (orginal) [2016-09-01T00:06:13+02:00] view original

EDIT: Was writing while you wrote :)

My answer still stands :) Basic-Auth works like that and this possible extension for Nim would just do the same as you do right now.

Maintaining sessions for other authorization schemes would be something more special as those come in a multitude of formats from url based session IDs to one or more cookies.

I guess that grab is recording cookies and send them back like a web browser does it. But this has nothing to do with basic-auth and would not change anything for your code imho.

_tulayang (orginal) [2016-09-01T02:40:05+02:00] view original

You should write a session API on server with some key-value cache database (such as redis). Then using cookie to transform session state between client and server.


         
         Cookie: sid=0123456abcdefg               Session API
client ---------------------------------- server ------------- redis
         Set-Cookie: sid=0123456abcdefg

Garry_Galler (orginal) [2016-09-01T12:03:27+02:00] view original

OderWat

I guess that grab is recording cookies and send them back like a web browser does it

Yes, that's exactly what he does.

_tulayang, Indeed, what we should do: take the cookies out of the Set-Cookie header, and then send them to the server in the Cookie header. My habit to do high-level abstractions (for example, in powershell session is stored in a special variable and directly about the cookies do not have to think) was the consequence of the fact that I am a bit forgotten how to do it at a lower level :-)

However, http modules Nim would not hurt the ability to automatically memorize of cookies, similar modules in python.

Mirror of forum.nim-lang.org

2506 :: How to keep an authorized connection session?