首頁 探索 說明
登入
piratas
/
biblioteca
關註 2
讚好 0
複刻 0
Files 問題管理 6 合併請求 0 Wiki
目錄樹: 832080cec2
分支列表 標籤列表
biblioteca
/
mediagoblin
/
tools
/
session.py

session.py 2.4 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. # GNU MediaGoblin -- federated, autonomous media hosting
    2. 

  2. # Copyright (C) 2013 MediaGoblin contributors.  See AUTHORS.
    3. 

  3. #
    4. 

  4. # This program is free software: you can redistribute it and/or modify
    5. 

  5. # it under the terms of the GNU Affero General Public License as published by
    6. 

  6. # the Free Software Foundation, either version 3 of the License, or
    7. 

  7. # (at your option) any later version.
    8. 

  8. #
    9. 

  9. # This program is distributed in the hope that it will be useful,
    10. 

  10. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12. # GNU Affero General Public License for more details.
    13. 

  13. #
    14. 

  14. # You should have received a copy of the GNU Affero General Public License
    15. 

  15. # along with this program.  If not, see <http://www.gnu.org/licenses/>.
    16. 

  16. 

  17. import itsdangerous
    18. 

  18. import logging
    19. 

  19. 

  20. from mediagoblin.tools import crypto
    21. 

  21. 

  22. _log = logging.getLogger(__name__)
    23. 

  23. 

  24. MAX_AGE = 30 * 24 * 60 * 60
    25. 

  25. 

  26. class Session(dict):
    27. 

  27.     def __init__(self, *args, **kwargs):
    28. 

  28.         self.send_new_cookie = False
    29. 

  29.         dict.__init__(self, *args, **kwargs)
    30. 

  30. 

  31.     def save(self):
    32. 

  32.         self.send_new_cookie = True
    33. 

  33. 

  34.     def is_updated(self):
    35. 

  35.         return self.send_new_cookie
    36. 

  36. 

  37.     def delete(self):
    38. 

  38.         self.clear()
    39. 

  39.         self.save()
    40. 

  40. 

  41. 

  42. class SessionManager(object):
    43. 

  43.     def __init__(self, cookie_name='MGSession', namespace=None):
    44. 

  44.         if namespace is None:
    45. 

  45.             namespace = cookie_name
    46. 

  46.         self.signer = crypto.get_timed_signer_url(namespace)
    47. 

  47.         self.cookie_name = cookie_name
    48. 

  48. 

  49.     def load_session_from_cookie(self, request):
    50. 

  50.         cookie = request.cookies.get(self.cookie_name)
    51. 

  51.         if not cookie:
    52. 

  52.             return Session()
    53. 

  53.         ### FIXME: Future cookie-blacklisting code
    54. 

  54.         # m = BadCookie.query.filter_by(cookie = cookie)
    55. 

  55.         # if m:
    56. 

  56.         #     _log.warn("Bad cookie received: %s", m.reason)
    57. 

  57.         #     raise BadRequest()
    58. 

  58.         try:
    59. 

  59.             return Session(self.signer.loads(cookie))
    60. 

  60.         except itsdangerous.BadData:
    61. 

  61.             return Session()
    62. 

  62. 

  63.     def save_session_to_cookie(self, session, request, response):
    64. 

  64.         if not session.is_updated():
    65. 

  65.             return
    66. 

  66.         elif not session:
    67. 

  67.             response.delete_cookie(self.cookie_name)
    68. 

  68.         else:
    69. 

  69.             if session.get('stay_logged_in', False):
    70. 

  70.                 max_age = MAX_AGE
    71. 

  71.             else:
    72. 

  72.                 max_age = None
    73. 

  73. 

  74.             response.set_cookie(self.cookie_name, self.signer.dumps(session),
    75. 

  75.                 max_age=max_age, httponly=True)
    76. 

  76.