Home/ Questions/Q 7587293
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T19:38:16+00:00

I’m using pyramid web framework. I was confused by the relationship between the cookie

  • 0

I’m using pyramid web framework. I was confused by the relationship between the cookie and session. After looked up in wikipedia, did I know that session is an abstract concept and cookie may just be an kind of approach (on the client side).

So, my question is, what’s the most common implementation (on both the client and server)? Can somebody give some example (maybe just description) codes? (I wouldn’t like to use the provided session support inside the pyramid in order to learn)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    In general, the cookie stored with the client is just a long, hard-to-guess hash code string that can be used as a key into a database. On the server side, you have a table mapping those session hashes to primary keys (a session hash should never be a primary key) and expiration timestamps.

    So when you get a request, first thing you do is look for the cookie. If there isn’t one, create a session entry (cookie + expiration timestamp) in the database table. If there is one, look it up and make sure it hasn’t expired; if it has, make a new one. In either case, if you made a new cookie, you might want to pass that fact down to later code so it knows if it needs to ask for a login or something. If you didn’t need to make a new cookie, reset the expiration timestamp so you don’t expire the session too soon.

    While handling the view code and generating a response, you can use that session primary key to index into other tables that have data associated with the session. Finally, in the response sent back to the client, set the cookie to the session key hash.

    If someone has cookies disabled, then their session cookie will always be new, and any session-based features won’t work.

    • 0