Skip to content
This repository was archived by the owner on Sep 26, 2025. It is now read-only.
This repository was archived by the owner on Sep 26, 2025. It is now read-only.

"user_id" key collision with Flask-Login  #56

Description

@acbart

The session key "user_id" is used in both LTI authentication and the Flask-Login library[1]. I can't 100% confirm this, but it seems like Flask-Login may decide to clobber the 'user_id' key at times (especially during AJAX calls). In my own fork of PyLTI, I've had to create a duplicate "pylti_user_id" key with the same value as "user_id". This seems to solve the problem I encountered, where the "user_id" was missing in certain AJAX calls.

If there's interest, I can share my patch, but it's a pretty straightforward change and may not be useful for most people. Although in general, it might be polite for PyLTI to add its session keys with "pylti_" or something prepended.

[1] https://github.com/maxcountryman/flask-login/blob/878c5beb505456fc418912b8e81db79cdb7b3433/flask_login.py

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions