Recently I ran into the following error when using file-based sessions in CherryPy v3.8:
AssertionError: The session load without being locked. Check your tools' priority levels.
I was able to fix this with the following config setting:
Why is this? According to the CherryPy documentation on session locking, the default session locking setting is 'implicit'.
In _cptools.py, of the CherryPy session code, we see:
locking = conf.pop('locking', 'implicit') if locking == 'implicit': hooks.attach('before_handler', self._lock_session) elif locking == 'early': # Lock before the request body (but after _sessions.init runs!) hooks.attach('before_request_body', self._lock_session, priority=60)
So, my problem was that I had another CherryPy tool that used session data, but the session had not yet been locked. Using early instead of implicit causes the session to be locked at the before_request_body hook point.