Skip to content

SessionConfig class

Reference for the SessionConfig class object and how to use it.

Read more about how to use the SessionConfig in your application and leverage the system.

How to import

from esmerald import SessionConfig

esmerald.config.session.SessionConfig

Bases: BaseModel

An instance of SessionConfig.

This configuration is passed to the SessionMiddleware and enables the middleware.

Example

from esmerald import Esmerald
from esmerald.config import SessionConfig

session_config = SessionConfig(
    secret_key=settings.secret_key,
    session_cookie="session",
)

app = Esmerald(session_config=session_config)

secret_key instance-attribute 

secret_key

The string used for the encryption/decryption and used to create an HMAC to sign.

Tip

It is advised to use the same secret as the one in the settings to make it consistent.

path class-attribute instance-attribute 

path = '/'

The path of the cookie.

session_cookie = 'session'

The name for the session cookie.

max_age class-attribute instance-attribute 

max_age = SECONDS_IN_A_DAY * 180

The number in seconds until the cookie expires.

https_only class-attribute instance-attribute 

https_only = False

Boolean if set enforces the session cookie to be httpsOnly.

same_site class-attribute instance-attribute 

same_site = 'lax'

Level of restriction for the session cookie.

Learn more about the same site.

validate_secret 

validate_secret(value)
PARAMETER DESCRIPTION
value

The string secret that will be evaluated.

TYPE: Secret

Source code in esmerald/config/session.py 
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
@field_validator("secret_key")
def validate_secret(
    cls,
    value: Annotated[
        Secret,
        Doc(
            """
            The string secret that will be evaluated.
            """
        ),
    ],
) -> Secret:
    if len(value) not in [16, 24, 32]:
        raise ValueError("secret length must be 16 (128 bit), 24 (192 bit) or 32 (256 bit)")
    return value