pcah/python-clean-architecture

Domain: Session service

lhaze opened this issue · 1 comments

lhaze commented
  • ISession interface
  • Session API:
    • session expiration (set_expiry/get_expiry/flush)
    • session as data storage with dict API
    • information about the user (ISessionWithUser)
lhaze commented

One clarification: there's no need for making session model/service/whatever user-model-aware. Two reasons:

  • There are lots of applications where having a session instance doesn't imply having a user model instance specified. Maybe there's no user model at all.
  • It seems quite opposite dependency. There is some kind of authentication service that depends on Session component (how about client-side "sessions", even if they are security anti-pattern?), that reads some value from the session and interprets it as an identifier for user repository to get an instance. This seems to be The Clean Architecture way.