flask - 为什么Flask session 的值必须是JSON可序列化的？

Question

我正在尝试为Flask应用程序中的用户 session 实例化一个基本的Model实例。我对类必须是JSON可序列化的要求感到措手不及。我以为 session 字典只是用于存储 session 信息的任意构造，但是听起来它的使用受到更多限制，其中之一显然是JSON可序列化的值。还有哪些其他约束，此JSON约束的目的到底是什么？ Web应用程序是否很难通过JSON保留用户 session ？此要求来自何处或受到其启发？

@app.route( '/' , methods=['GET', 'POST'] )
def index():
    """index  takes user to the home page of the application.
    """

    # Create model instance for this user session
    if 'model' not in session :
        session['model'] = Model( )


File "C:\Anaconda3\lib\site-packages\flask\json.py", line 83, in default
return _json.JSONEncoder.default(self, o)
File "C:\Anaconda3\lib\json\encoder.py", line 173, in default
raise TypeError(repr(o) + " is not JSON serializable")
TypeError: <Model.Model object at 0x000000000770B6D8> is not JSON serializable

仅出于其他背景， session 对象看起来像是LocalProxy实例，可能会暗示事物的设计。

>>> type( session )
<class 'werkzeug.local.LocalProxy'>

Answer 1

好的，因此在Pycon 2015上的Miguel Grinberg的Flask Workshop中对此进行了很好的评论。JSON支持的需求与持久保存此 session 数据有关，这是作为客户端上的cookie。因此，数据必须进行序列化以弥合服务器和客户端之间的差距。据他介绍...

So flask supports this session object,... inside any route function while your handling a request you refer to session as a dictionary. And anything you write is remembered, next time you can look for it and it will be there and it will be user specific.

If you're interested to know how that works, this is Flask internals, anything you write to this dictionary, Flask will put in a cookie and it will send it to the Client. So this will be stored in the client's web browser. It will be a cookie that is crytographically signed, to make sure that the user does not tamper with it, that there are no attacks possible. You can see what's in the cookie but you cannot modify it. By default Flask writes the data itself in the cookie and that cookie goes to the client. What many other frameworks do by default is different. Basically what they do is they write the data in a file or database in the server, and then they write a cookie with an id that identifies that data, and then they send the id in the cookie. So Flask by default sends the whole data in the cookie so there's no need to store anything in the server.

所以在我的特殊情况下，为了解决这个问题，我必须实现一个JSONEncoder并先对其进行编码，然后再将其传输到我的 session 中

<<Model.py>>
class ModelEncoder( JSONEncoder ) :
    def default( self , obj ) :
        if isinstance( obj , Model ):
            return obj.to_json()
        # Let the base class default method raise the TypeError
        return json.JSONEncoder.default( self , obj )

class Model( JSONEncoder ) :
    ....
    def to_json( self ) :
        """
        to_json transforms the Model instance into a JSON string
        """
        return jsonpickle.encode( self )


<<FlaskApp.py>>
    ...
    # Create model instance for this user session
    if 'model' not in session :
        session['model'] = ModelEncoder().encode( Model( ) )