Skip to content Skip to sidebar Skip to footer
Home / Flask / Google App Engine / Python

User Not Logged In - Session Cookie Too Large?

Post a Comment
I am following the authentication tutorial for google app engine/python here: https://cloud.google.com/python/getting-started/authenticate-users I'm sure I've followed everything c

Solution 1:

Yes, all data needed to verify the authentication is in the cookie, and you are storing too much info in it.

You can reduce what is stored for the profile, perhaps, in the _request_user_info() hook:

def_request_user_info(credentials):
    # ...
    resp, content = http.request(
        'https://www.googleapis.com/plus/v1/people/me')

    # ...
    session['profile'] = json.loads(content.decode('utf-8'))

Rather than store the whole dictionary, filter the dictionary that json.loads() returns and only retain the profile information your application really needs to have. That, or store this information somewhere else, like in memcached (so retrieve it each time you need it and it is not available in memcached still).

See the People resource documentation to see what data is being stored in session['profile'] and pick what you really need. The tutorial, for example, only needs the display name and the image url:

profile = json.loads(content.decode('utf-8'))
session['profile'] = {'displayName': profile['displayName'], 'image': profile['image']}

Post a Comment for "User Not Logged In - Session Cookie Too Large?"