Django

Code

Ticket #1180: sessions.uuid.patch

File sessions.uuid.patch, 1.1 kB (added by anonymous, 5 months ago)

  • base.py

    old new  
    1212except ImportError: 
    1313    import pickle 
    1414 
     15try: 
     16    import uuid 
     17except: 
     18    import django.utils.uuid as uuid 
     19 
    1520class SessionBase(object): 
    1621    """ 
    1722    Base class for all Session classes. 
     
    8893 
    8994    def _get_new_session_key(self): 
    9095        "Returns session key that isn't being used." 
    91         # The random module is seeded when this Apache child is created. 
    92         # Use settings.SECRET_KEY as added salt. 
    93         try: 
    94             pid = os.getpid() 
    95         except AttributeError: 
    96             # No getpid() in Jython, for example 
    97             pid = 1 
     96        # The generated key is a UUID as defined in http://www.faqs.org/rfcs/rfc4122.html 
    9897        while 1: 
    99             session_key = md5.new("%s%s%s%s" % (random.randint(0, sys.maxint - 1), 
    100                                   pid, time.time(), settings.SECRET_KEY)).hexdigest() 
     98            session_key = uuid4().hex 
    10199            if not self.exists(session_key): 
    102100                break 
    103101        return session_key