SlideShare a Scribd company logo

PyConIT6 - MAKING SESSIONS AND CACHING ROOMMATES

Alessandro Molina, profile picture
Alessandro Molina

Beaker is a framework for managing caching and sessions in web applications, created to address the dogpile effect. While it supports multiple backends and simplifies session management through cookie storage, challenges include issues with data serialization in Python 3 and design considerations around user expectations for function argument handling in caching decorators. The presentation highlights both the advantages and limitations of using Beaker, proposing solutions and improvements while reflecting on its development journey.

Technology
1 of 29
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
BEAKER - MAKING SESSIONS AND CACHING ROOMMATES Alessandro Molina @__amol__ amol@turbogears.org
Who am I ● CTO @ AXANT.it, mostly Python company (with some iOS and Android) ● TurboGears2 dev team member ● Took over Beaker maintenace in 2015 ● Mostly contributed to web python libraries: Formencode, MING MongoDB ODM, ToscaWidgets2
What’s Beaker ● Framework for handling Caching and Sessions in web applications ● Used by many different frameworks: TurboGears, Bottle, Pyramid, etc... ● Created by Pylons Author to solve the dogpile effect.
DogPile!
The Good ● Handles the DogPile effect ● Provides many backends: Memcache, File, MongoDB, Redis, SQLAlchemy ● A single tool to handle both caching and sessions with common backends.
The Bad ● File based synchronization, what about distributed solutions? ● Session as a big BLOB of data doesn’t perform well in case of big BLOBs of data ● Updated for too long without breaking backward compatibility: Too many APIs
Getting on project: PY3 Support ● Beaker supported Python3 using 2to3 ● This lead to some bugs (not everything got properly converted) ● Made really hard to run the test suite and maintain the project.
So my first action as new maintainer...
Rewriting for Py3 a project that involves serializing/deserializing
Porting to PY3: #1 Snakes speak ? Beaker uses BASE64 to encode pickled data in sessions. >>> import base64, pickle >>> data = dict(key='value', otherkey='othervalue') >>> base64.b64encode(pickle.dumps(data)) 'KGRwMApTJ290aGVya2V5JwpwMQpTJ290aGVydmFsdWUnCnAyCnN TJ2tleScKcDMKUyd2YWx1ZScKcDQKcy4='
BASE64: rfc4648 Here are a few requirements that determine which alphabet should be used: o Handled by humans.
Human handle? TEXT!
Human handle? TEXT!
Human handle? BYTES! >>> import base64, pickle >>> base64.b64encode(pickle.dumps(‘HELLO’)) b'gANYBQAAAEhFTExPcQAu'
Porting to PY3: #2 Session Cookies? ● Session ID is stored in cookies ● CookieSession stores even the whole session in a cookie ○ Great idea, makes really simple to scale ○ HTTP Headers are plain text ○ We are pickling data and base64 so already ASCII ○ Just need to encrypt it to avoid people from messing with them.
HTTP Cookies HTTP has allowed field content with text in the ISO-8859-1 charset [ISO-8859-1], supporting other charsets only through use of [RFC2047] encoding. In practice, most HTTP header field values use only a subset of the US-ASCII charset [USASCII]. Newly defined header fields SHOULD limit their field values to US-ASCII octets
Encoding/Encripting data on Py3 ● Beaker expected to be able to perform text operations on the result of base64 ● Relied on AES to encrypt cookies, pbkdf2 to generates keys and base64/binascii to make it text. ● Reads the encrypt_key from config file
4 lines of code == 10 doubts ● Even Python has no clear idea of what is text and what are bytes: ○ Both BASE64 and BINASCII work with ASCII ○ BINASCII accepts unicode (text) ○ BASE64 accepts bytes ○ Between Python3.2 and Python3.3 the binascii changed behaviour of accepting unicode vs bytes ○ ConfigParser returns text on py3, bytes on py2
Now crying in a corner...
Let’s go for something simpler... ● Review patch to caching decorator ● To cache a function, just apply a decorator that calls function and caches the result ● Caching decorator generates cache key ○ Cache Key from the function name ○ convert parameters to strings ○ add parameters to cache key
Getting the Cache Key def cache(self, *args, **kwargs): """Decorate a function to cache itself with supplied parameters :param args: Used to make the key unique for this function, as in region() above. :param kwargs: Parameters to be passed to get_cache(), will override defaults Example:: # Assuming a cache object is available like: cache = CacheManager(dict_of_config_options) def populate_things(): @cache.cache('mycache', expire=15) def load(search_term, limit, offset): return load_the_data(search_term, limit, offset) return load('rabbits', 20, 0) """ return _cache_decorate(args, self, kwargs, None)
Well, maybe...
Unknown parameters ● Decorator gets *args and **kwargs ● Makes sense... doesn’t know the real function arguments ● Not so much in fact… func(1) and func (a=1) end up with two different cache keys
Avoid the doubt ● Beaker solved this by accepting only positional arguments on cached functions .. note:: The function being decorated must only be called with positional arguments. ● Users not so happy, breaks people code when they introduce caching: ○ https://github.com/bbangert/beaker/issues/62
What to do? ● Leave it as is… As been like that for years ● Add **kwargs and just document the issue ● Add **kwargs and try to be smart using inspect.getargspec / inspect. getcallargs but that would be slow
Leave it as is… at least isn’t broken
Has been a great trip! ● Making sessions and caching in a single solution seemed simple, but has actually a lot of corner case ● Beaker Co-Author thrown in the towel and created dopgile.cache which is based on beaker code but is much simpler and doesn’t provide sessions
Still is incredibily convenient ● There are more shared features than differences (especially in cookie based marshalled sessions). ● It’s really convenient, write backends once and have support for both sessions and caching on them.
Questions?

More Related Content

PDF
PyConIT6 - Messing up with pymongo for fun and profit
Alessandro Molina
 
PDF
MongoTorino 2013 - BSON Mad Science for fun and profit
Alessandro Molina
 
PPT
Java Development with MongoDB (James Williams)
MongoSF
 
PPTX
Threads and Node.js
PolyglotMeetups
 
PDF
PyconIE 2016 - Kajiki, the fast and validated template engine your were looki...
Alessandro Molina
 
PPTX
Java Development with MongoDB
Scott Hernandez
 
PDF
From SQLAlchemy to Ming with TurboGears2
Alessandro Molina
 
PDF
Introduction to using MongoDB with Ruby
Jonathan Holloway
 
PyConIT6 - Messing up with pymongo for fun and profit
Alessandro Molina
 
MongoTorino 2013 - BSON Mad Science for fun and profit
Alessandro Molina
 
Java Development with MongoDB (James Williams)
MongoSF
 
Threads and Node.js
PolyglotMeetups
 
PyconIE 2016 - Kajiki, the fast and validated template engine your were looki...
Alessandro Molina
 
Java Development with MongoDB
Scott Hernandez
 
From SQLAlchemy to Ming with TurboGears2
Alessandro Molina
 
Introduction to using MongoDB with Ruby
Jonathan Holloway
 

What's hot (20)

TXT
Php
Christian Zapata Navarro
 
PDF
Reactive & Realtime Web Applications with TurboGears2
Alessandro Molina
 
PPTX
MongoDB Aug2010 SF Meetup
Scott Hernandez
 
PPTX
Robust C++ Task Systems Through Compile-time Checks
Stoyan Nikolov
 
ODP
This upload requires better support for ODP format
Forest Mars
 
ODP
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Codemotion
 
PDF
Node.js and How JavaScript is Changing Server Programming
Tom Croucher
 
PPTX
MongoDB: Easy Java Persistence with Morphia
Scott Hernandez
 
PDF
Mongophilly shell-2011-04-26
kreuter
 
PPTX
Intro to data oriented design
Stoyan Nikolov
 
PPTX
MongoDB + Java - Everything you need to know
Norberto Leite
 
PDF
Libbitcoin slides
swansontec
 
PPTX
Defcamp 2013 - SSL Ripper
DefCamp
 
PDF
Cryptography in PHP: use cases
Enrico Zimuel
 
PPT
iOS Development with Blocks
Jeff Kelley
 
PDF
Shared memory and multithreading in Node.js - Timur Shemsedinov - JSFest'19
Timur Shemsedinov
 
PDF
BreizhCamp 2013 - Pimp my backend
Horacio Gonzalez
 
PDF
ENIB 2015-2016 - CAI Web - S01E01- MongoDB and NoSQL
Horacio Gonzalez
 
PDF
ENIB 2015 2016 - CAI Web S02E03 - Forge JS 2/4 - MongoDB and NoSQL
Horacio Gonzalez
 
PDF
Objective-C Blocks and Grand Central Dispatch
Matteo Battaglio
 
Php
Christian Zapata Navarro
 
Reactive & Realtime Web Applications with TurboGears2
Alessandro Molina
 
MongoDB Aug2010 SF Meetup
Scott Hernandez
 
Robust C++ Task Systems Through Compile-time Checks
Stoyan Nikolov
 
This upload requires better support for ODP format
Forest Mars
 
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Codemotion
 
Node.js and How JavaScript is Changing Server Programming
Tom Croucher
 
MongoDB: Easy Java Persistence with Morphia
Scott Hernandez
 
Mongophilly shell-2011-04-26
kreuter
 
Intro to data oriented design
Stoyan Nikolov
 
MongoDB + Java - Everything you need to know
Norberto Leite
 
Libbitcoin slides
swansontec
 
Defcamp 2013 - SSL Ripper
DefCamp
 
Cryptography in PHP: use cases
Enrico Zimuel
 
iOS Development with Blocks
Jeff Kelley
 
Shared memory and multithreading in Node.js - Timur Shemsedinov - JSFest'19
Timur Shemsedinov
 
BreizhCamp 2013 - Pimp my backend
Horacio Gonzalez
 
ENIB 2015-2016 - CAI Web - S01E01- MongoDB and NoSQL
Horacio Gonzalez
 
ENIB 2015 2016 - CAI Web S02E03 - Forge JS 2/4 - MongoDB and NoSQL
Horacio Gonzalez
 
Objective-C Blocks and Grand Central Dispatch
Matteo Battaglio
 
Ad

Similar to PyConIT6 - MAKING SESSIONS AND CACHING ROOMMATES (20)

PPTX
Why learn Internals?
Shaul Rosenzwieg
 
PPTX
Logs @ OVHcloud
OVHcloud
 
PDF
High Performance With Java
malduarte
 
PDF
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
Chris Shenton
 
PDF
Fluent Bit: Log Forwarding at Scale
Eduardo Silva Pereira
 
PDF
How to use MongoDB with CakePHP
ichikaway
 
PDF
Mongo db3.0 wired_tiger_storage_engine
Kenny Gorman
 
PPTX
Advanced MySql Data-at-Rest Encryption in Percona Server
Severalnines
 
PPTX
Mario on spark
Igor Berman
 
PDF
Zend Server Data Caching
El Taller Web
 
PDF
The State of containerd
Moby Project
 
PDF
When is Myrocks good? 2020 Webinar Series
Alkin Tezuysal
 
PDF
Interview with Anatoliy Kuznetsov, the author of BitMagic C++ library
PVS-Studio
 
PDF
Massively Scaled High Performance Web Services with PHP
Demin Yin
 
PDF
[AWS Builders] Effective AWS Glue
Amazon Web Services Korea
 
PDF
Time series denver an introduction to prometheus
Bob Cotton
 
PDF
Log forwarding at Scale
Eduardo Silva Pereira
 
PDF
The Parquet Format and Performance Optimization Opportunities
Databricks
 
PDF
The reasons why 64-bit programs require more stack memory
PVS-Studio
 
ODP
Caching and tuning fun for high scalability
Wim Godden
 
Why learn Internals?
Shaul Rosenzwieg
 
Logs @ OVHcloud
OVHcloud
 
High Performance With Java
malduarte
 
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
Chris Shenton
 
Fluent Bit: Log Forwarding at Scale
Eduardo Silva Pereira
 
How to use MongoDB with CakePHP
ichikaway
 
Mongo db3.0 wired_tiger_storage_engine
Kenny Gorman
 
Advanced MySql Data-at-Rest Encryption in Percona Server
Severalnines
 
Mario on spark
Igor Berman
 
Zend Server Data Caching
El Taller Web
 
The State of containerd
Moby Project
 
When is Myrocks good? 2020 Webinar Series
Alkin Tezuysal
 
Interview with Anatoliy Kuznetsov, the author of BitMagic C++ library
PVS-Studio
 
Massively Scaled High Performance Web Services with PHP
Demin Yin
 
[AWS Builders] Effective AWS Glue
Amazon Web Services Korea
 
Time series denver an introduction to prometheus
Bob Cotton
 
Log forwarding at Scale
Eduardo Silva Pereira
 
The Parquet Format and Performance Optimization Opportunities
Databricks
 
The reasons why 64-bit programs require more stack memory
PVS-Studio
 
Caching and tuning fun for high scalability
Wim Godden
 
Ad

More from Alessandro Molina (12)

PDF
PyCon Ireland 2022 - PyArrow full stack.pdf
Alessandro Molina
 
PDF
EP2016 - Moving Away From Nodejs To A Pure Python Solution For Assets
Alessandro Molina
 
PDF
EuroPython 2015 - Storing files for the web is not as straightforward as you ...
Alessandro Molina
 
PDF
PyConFR 2014 - DEPOT, Story of a file.write() gone wrong
Alessandro Molina
 
PDF
PyConUK 2014 - PostMortem Debugging and Web Development Updated
Alessandro Molina
 
PDF
Post-Mortem Debugging and Web Development
Alessandro Molina
 
PDF
PyConUK2013 - Validated documents on MongoDB with Ming
Alessandro Molina
 
PDF
EuroPython 2013 - FAST, DOCUMENTED AND RELIABLE JSON BASED WEBSERVICES WITH P...
Alessandro Molina
 
PDF
EuroPython 2013 - Python3 TurboGears Training
Alessandro Molina
 
PDF
PyGrunn2013 High Performance Web Applications with TurboGears
Alessandro Molina
 
PDF
Rapid Prototyping with TurboGears2
Alessandro Molina
 
PDF
TurboGears2 Pluggable Applications
Alessandro Molina
 
PyCon Ireland 2022 - PyArrow full stack.pdf
Alessandro Molina
 
EP2016 - Moving Away From Nodejs To A Pure Python Solution For Assets
Alessandro Molina
 
EuroPython 2015 - Storing files for the web is not as straightforward as you ...
Alessandro Molina
 
PyConFR 2014 - DEPOT, Story of a file.write() gone wrong
Alessandro Molina
 
PyConUK 2014 - PostMortem Debugging and Web Development Updated
Alessandro Molina
 
Post-Mortem Debugging and Web Development
Alessandro Molina
 
PyConUK2013 - Validated documents on MongoDB with Ming
Alessandro Molina
 
EuroPython 2013 - FAST, DOCUMENTED AND RELIABLE JSON BASED WEBSERVICES WITH P...
Alessandro Molina
 
EuroPython 2013 - Python3 TurboGears Training
Alessandro Molina
 
PyGrunn2013 High Performance Web Applications with TurboGears
Alessandro Molina
 
Rapid Prototyping with TurboGears2
Alessandro Molina
 
TurboGears2 Pluggable Applications
Alessandro Molina
 

Recently uploaded (20)

PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Approach and Philosophy of On baking technology
30anthuong17
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
Encapsulation theory and applications.pdf
gurumoop
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
A Presentation on Artificial Intelligence
memembruh336
 

PyConIT6 - MAKING SESSIONS AND CACHING ROOMMATES

  • 1. BEAKER - MAKING SESSIONS AND CACHING ROOMMATES Alessandro Molina @__amol__ amol@turbogears.org
  • 2. Who am I ● CTO @ AXANT.it, mostly Python company (with some iOS and Android) ● TurboGears2 dev team member ● Took over Beaker maintenace in 2015 ● Mostly contributed to web python libraries: Formencode, MING MongoDB ODM, ToscaWidgets2
  • 3. What’s Beaker ● Framework for handling Caching and Sessions in web applications ● Used by many different frameworks: TurboGears, Bottle, Pyramid, etc... ● Created by Pylons Author to solve the dogpile effect.
  • 5. The Good ● Handles the DogPile effect ● Provides many backends: Memcache, File, MongoDB, Redis, SQLAlchemy ● A single tool to handle both caching and sessions with common backends.
  • 6. The Bad ● File based synchronization, what about distributed solutions? ● Session as a big BLOB of data doesn’t perform well in case of big BLOBs of data ● Updated for too long without breaking backward compatibility: Too many APIs
  • 7. Getting on project: PY3 Support ● Beaker supported Python3 using 2to3 ● This lead to some bugs (not everything got properly converted) ● Made really hard to run the test suite and maintain the project.
  • 8. So my first action as new maintainer...
  • 9. Rewriting for Py3 a project that involves serializing/deserializing
  • 10. Porting to PY3: #1 Snakes speak ? Beaker uses BASE64 to encode pickled data in sessions. >>> import base64, pickle >>> data = dict(key='value', otherkey='othervalue') >>> base64.b64encode(pickle.dumps(data)) 'KGRwMApTJ290aGVya2V5JwpwMQpTJ290aGVydmFsdWUnCnAyCnN TJ2tleScKcDMKUyd2YWx1ZScKcDQKcy4='
  • 11. BASE64: rfc4648 Here are a few requirements that determine which alphabet should be used: o Handled by humans.
  • 14. Human handle? BYTES! >>> import base64, pickle >>> base64.b64encode(pickle.dumps(‘HELLO’)) b'gANYBQAAAEhFTExPcQAu'
  • 15. Porting to PY3: #2 Session Cookies? ● Session ID is stored in cookies ● CookieSession stores even the whole session in a cookie ○ Great idea, makes really simple to scale ○ HTTP Headers are plain text ○ We are pickling data and base64 so already ASCII ○ Just need to encrypt it to avoid people from messing with them.
  • 16. HTTP Cookies HTTP has allowed field content with text in the ISO-8859-1 charset [ISO-8859-1], supporting other charsets only through use of [RFC2047] encoding. In practice, most HTTP header field values use only a subset of the US-ASCII charset [USASCII]. Newly defined header fields SHOULD limit their field values to US-ASCII octets
  • 17. Encoding/Encripting data on Py3 ● Beaker expected to be able to perform text operations on the result of base64 ● Relied on AES to encrypt cookies, pbkdf2 to generates keys and base64/binascii to make it text. ● Reads the encrypt_key from config file
  • 18. 4 lines of code == 10 doubts ● Even Python has no clear idea of what is text and what are bytes: ○ Both BASE64 and BINASCII work with ASCII ○ BINASCII accepts unicode (text) ○ BASE64 accepts bytes ○ Between Python3.2 and Python3.3 the binascii changed behaviour of accepting unicode vs bytes ○ ConfigParser returns text on py3, bytes on py2
  • 19. Now crying in a corner...
  • 20. Let’s go for something simpler... ● Review patch to caching decorator ● To cache a function, just apply a decorator that calls function and caches the result ● Caching decorator generates cache key ○ Cache Key from the function name ○ convert parameters to strings ○ add parameters to cache key
  • 21. Getting the Cache Key def cache(self, *args, **kwargs): """Decorate a function to cache itself with supplied parameters :param args: Used to make the key unique for this function, as in region() above. :param kwargs: Parameters to be passed to get_cache(), will override defaults Example:: # Assuming a cache object is available like: cache = CacheManager(dict_of_config_options) def populate_things(): @cache.cache('mycache', expire=15) def load(search_term, limit, offset): return load_the_data(search_term, limit, offset) return load('rabbits', 20, 0) """ return _cache_decorate(args, self, kwargs, None)
  • 23. Unknown parameters ● Decorator gets *args and **kwargs ● Makes sense... doesn’t know the real function arguments ● Not so much in fact… func(1) and func (a=1) end up with two different cache keys
  • 24. Avoid the doubt ● Beaker solved this by accepting only positional arguments on cached functions .. note:: The function being decorated must only be called with positional arguments. ● Users not so happy, breaks people code when they introduce caching: ○ https://github.com/bbangert/beaker/issues/62
  • 25. What to do? ● Leave it as is… As been like that for years ● Add **kwargs and just document the issue ● Add **kwargs and try to be smart using inspect.getargspec / inspect. getcallargs but that would be slow
  • 26. Leave it as is… at least isn’t broken
  • 27. Has been a great trip! ● Making sessions and caching in a single solution seemed simple, but has actually a lot of corner case ● Beaker Co-Author thrown in the towel and created dopgile.cache which is based on beaker code but is much simpler and doesn’t provide sessions
  • 28. Still is incredibily convenient ● There are more shared features than differences (especially in cookie based marshalled sessions). ● It’s really convenient, write backends once and have support for both sessions and caching on them.