[core] Protect session data from unwanted loading.
Use specialised Session and Connection types that forward their 'data' and
'session_data' attributes to the pyramid request.session attribute.
This forwarding is done with properties, instead of copying a reference, which
allow to access request.session (and the session factory) if and only if
Session.data or Connection.session_data is accessed.
In some cases, most notably the static resources requests, it can mean no
access the session during the request handling, which saves a request to the
session persistence layer.
Closes #4891437
""" Defaults for a classical CubicWeb instance. """
def includeme(config):
""" Enable the defaults that make the application behave like a classical
CubicWeb instance.
The following modules get included:
- :func:`pyramid_cubicweb.session <pyramid_cubicweb.session.includeme>`
- :func:`pyramid_cubicweb.auth <pyramid_cubicweb.auth.includeme>`
- :func:`pyramid_cubicweb.login <pyramid_cubicweb.login.includeme>`
It is automatically included by the configuration system, unless the
following entry is added to the :ref:`pyramid_settings`:
.. code-block:: ini
cubicweb.defaults = no
"""
config.include('pyramid_cubicweb.session')
config.include('pyramid_cubicweb.auth')
config.include('pyramid_cubicweb.login')