#2548: session_middleware.22.diff - Django Code - Trac

django/conf/global_settings.py

old	new
283	283	SESSION_COOKIE_SECURE = False # Whether the session cookie should be secure (https:// only).
284	284	SESSION_COOKIE_PATH = '/' # The path of the session cookie.
285	285	SESSION_SAVE_EVERY_REQUEST = False # Whether to save the session data on every request.
286		SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Whether ~~sessions expire when a user closes his~~ browser.
	286	SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Whether a user's session cookie expires when they close their browser.
287	287	SESSION_ENGINE = 'django.contrib.sessions.backends.db' # The module to store session data
288	288	SESSION_FILE_PATH = '/tmp/' # Directory to store session files if using the file session module
289	289

django/contrib/sessions/middleware.py

old	new
26	26	if accessed:
27	27	patch_vary_headers(response, ('Cookie',))
28	28	if modified or settings.SESSION_SAVE_EVERY_REQUEST:
29		if ~~settings.SESSION_EXPIRE_AT_BROWSER_CLOSE~~:
	29	if request.session.get_expire_at_browser_close():
30	30	max_age = None
31	31	expires = None
32	32	else:
33		max_age = ~~settings.SESSION_COOKIE_AGE~~
34		expires_time = time.time() + ~~settings.SESSION_COOKIE_AGE~~
	33	max_age = request.session.get_expiry_age()
	34	expires_time = time.time() + max_age
35	35	expires = cookie_date(expires_time)
36		# Save the seesion data and refresh the client cookie.
	36	# Save the session data and refresh the client cookie.
37	37	request.session.save()
38	38	response.set_cookie(settings.SESSION_COOKIE_NAME,
39	39	request.session.session_key, max_age=max_age,

django/contrib/sessions/tests.py

old	new
88	88
89	89	>>> s.pop('some key', 'does not exist')
90	90	'does not exist'
	91
	92	#########################
	93	# Custom session expiry #
	94	#########################
	95
	96	>>> from django.conf import settings
	97	>>> from datetime import datetime, timedelta
	98
	99	>>> td10 = timedelta(seconds=10)
	100
	101	# A normal session has a max age equal to settings
	102	>>> s.get_expiry_age() == settings.SESSION_COOKIE_AGE
	103	True
	104
	105	# So does a custom session with an idle expiration time of 0 (but it'll expire
	106	# at browser close)
	107	>>> s.set_expiry(0)
	108	>>> s.get_expiry_age() == settings.SESSION_COOKIE_AGE
	109	True
	110
	111	# Custom session idle expiration time
	112	>>> s.set_expiry(10)
	113	>>> delta = s.get_expiry_date() - datetime.now()
	114	>>> delta.seconds in (9, 10)
	115	True
	116	>>> age = s.get_expiry_age()
	117	>>> age in (9, 10)
	118	True
	119
	120	# Custom session fixed expiry date (timedelta)
	121	>>> s.set_expiry(td10)
	122	>>> delta = s.get_expiry_date() - datetime.now()
	123	>>> delta.seconds in (9, 10)
	124	True
	125	>>> age = s.get_expiry_age()
	126	>>> age in (9, 10)
	127	True
	128
	129	# Custom session fixed expiry date (fixed datetime)
	130	>>> s.set_expiry(datetime.now() + td10)
	131	>>> delta = s.get_expiry_date() - datetime.now()
	132	>>> delta.seconds in (9, 10)
	133	True
	134	>>> age = s.get_expiry_age()
	135	>>> age in (9, 10)
	136	True
	137
	138	# Set back to default session age
	139	>>> s.set_expiry(None)
	140	>>> s.get_expiry_age() == settings.SESSION_COOKIE_AGE
	141	True
	142
	143	# Allow to set back to default session age even if no alternate has been set
	144	>>> s.set_expiry(None)
	145
	146
	147	# We're changing the setting then reverting back to the original setting at the
	148	# end of these tests.
	149	>>> original_expire_at_browser_close = settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
	150	>>> settings.SESSION_EXPIRE_AT_BROWSER_CLOSE = False
	151
	152	# Custom session age
	153	>>> s.set_expiry(10)
	154	>>> s.get_expire_at_browser_close()
	155	False
	156
	157	# Custom expire-at-browser-close
	158	>>> s.set_expiry(0)
	159	>>> s.get_expire_at_browser_close()
	160	True
	161
	162	# Default session age
	163	>>> s.set_expiry(None)
	164	>>> s.get_expire_at_browser_close()
	165	False
	166
	167	>>> settings.SESSION_EXPIRE_AT_BROWSER_CLOSE = True
	168
	169	# Custom session age
	170	>>> s.set_expiry(10)
	171	>>> s.get_expire_at_browser_close()
	172	False
	173
	174	# Custom expire-at-browser-close
	175	>>> s.set_expiry(0)
	176	>>> s.get_expire_at_browser_close()
	177	True
	178
	179	# Default session age
	180	>>> s.set_expiry(None)
	181	>>> s.get_expire_at_browser_close()
	182	True
	183
	184	>>> settings.SESSION_EXPIRE_AT_BROWSER_CLOSE = original_expire_at_browser_close
91	185	"""
92	186
93	187	if __name__ == '__main__':

django/contrib/sessions/backends/base.py

old	new
4	4	import random
5	5	import sys
6	6	import time
	7	from datetime import datetime, timedelta
7	8	from django.conf import settings
8	9	from django.core.exceptions import SuspiciousOperation
9	10
…	…
128	129
129	130	_session = property(_get_session)
130	131
	132	def get_expiry_age(self):
	133	expiry = self.get('_session_expiry')
	134	if not expiry: # Checks both None and 0 cases
	135	return settings.SESSION_COOKIE_AGE
	136	if not isinstance(expiry, datetime):
	137	return expiry
	138	delta = expiry - datetime.now()
	139	return delta.days * 86400 + delta.seconds
	140
	141	def get_expiry_date(self):
	142	"Returns the expiry date"
	143	expiry = self.get('_session_expiry')
	144	if isinstance(expiry, datetime):
	145	return expiry
	146	if not expiry: # Checks both None and 0 cases
	147	expiry = settings.SESSION_COOKIE_AGE
	148	return datetime.now() + timedelta(seconds=expiry)
	149
	150	def set_expiry(self, value):
	151	"""
	152	Sets a custom expiration for the session. ``value`` can be an integer, a
	153	Python ``datetime`` or ``timedelta`` object or ``None``.
	154
	155	If ``value`` is an integer, the session will expire after that many
	156	seconds of inactivity. If set to ``0`` then the session will expire on
	157	browser close.
	158
	159	If ``value`` is a ``datetime`` or ``timedelta`` object, the session
	160	will expire at that specific future time.
	161
	162	If ``value`` is ``None``, the session uses the global session expiry
	163	policy.
	164	"""
	165	if value is None:
	166	# Remove any custom expiration for this session.
	167	try:
	168	del self['_session_expiry']
	169	except KeyError:
	170	pass
	171	return
	172	if isinstance(value, timedelta):
	173	value = datetime.now() + value
	174	self['_session_expiry'] = value
	175
	176	def get_expire_at_browser_close(self):
	177	if self.get('_session_expiry') is None:
	178	return settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
	179	return self.get('_session_expiry') == 0
	180
131	181	# Methods that child classes must implement.
132	182
133	183	def exists(self, session_key):

django/contrib/sessions/backends/cache.py

old	new
4	4
5	5	class SessionStore(SessionBase):
6	6	"""
7		A cache-based session store.
	7	A cache-based session store.
8	8	"""
9	9	def __init__(self, session_key=None):
10	10	self._cache = cache
11	11	super(SessionStore, self).__init__(session_key)
12
	12
13	13	def load(self):
14	14	session_data = self._cache.get(self.session_key)
15	15	return session_data or {}
16	16
17	17	def save(self):
18		self._cache.set(self.session_key, self._session, se~~ttings.SESSION_COOKIE_AGE~~)
	18	self._cache.set(self.session_key, self._session, self.get_expiry_age())
19	19
20	20	def exists(self, session_key):
21	21	if self._cache.get(session_key):
22	22	return True
23	23	return False
24
	24
25	25	def delete(self, session_key):
26	26	self._cache.delete(session_key)

django/contrib/sessions/backends/db.py

old	new
10	10	"""
11	11	def __init__(self, session_key=None):
12	12	super(SessionStore, self).__init__(session_key)
13
	13
14	14	def load(self):
15	15	try:
16	16	s = Session.objects.get(
17		session_key = self.session_key,
	17	session_key = self.session_key,
18	18	expire_date__gt=datetime.datetime.now()
19	19	)
20	20	return self.decode(s.session_data)
21	21	except (Session.DoesNotExist, SuspiciousOperation):
22
	22
23	23	# Create a new session_key for extra security.
24	24	self.session_key = self._get_new_session_key()
25	25	self._session_cache = {}
…	…
27	27	# Save immediately to minimize collision
28	28	self.save()
29	29	return {}
30
	30
31	31	def exists(self, session_key):
32	32	try:
33	33	Session.objects.get(session_key=session_key)
34	34	except Session.DoesNotExist:
35	35	return False
36	36	return True
37
	37
38	38	def save(self):
39	39	Session.objects.create(
40	40	session_key = self.session_key,
41	41	session_data = self.encode(self._session),
42		expire_date = ~~datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE~~)
	42	expire_date = self.get_expiry_date()
43	43	)
44
	44
45	45	def delete(self, session_key):
46	46	try:
47	47	Session.objects.get(session_key=session_key).delete()

AUTHORS

old	new
327	327	tstromberg@google.com
328	328	Makoto Tsuyuki <mtsuyuki@gmail.com>
329	329	tt@gurgle.no
330		Amit Upadhyay
	330	Amit Upadhyay <http://www.amitu.com/blog/>
331	331	Geert Vanderkelen
332	332	I.S. van Oostveen <v.oostveen@idca.nl>
333	333	viestards.lists@gmail.com

docs/sessions.txt

old	new
80	80	It implements the following standard dictionary methods:
81	81
82	82	* ``__getitem__(key)``
	83
83	84	Example: ``fav_color = request.session['fav_color']``
84	85
85	86	* ``__setitem__(key, value)``
	87
86	88	Example: ``request.session['fav_color'] = 'blue'``
87	89
88	90	* ``__delitem__(key)``
	91
89	92	Example: ``del request.session['fav_color']``. This raises ``KeyError``
90	93	if the given ``key`` isn't already in the session.
91	94
92	95	* ``__contains__(key)``
	96
93	97	Example: ``'fav_color' in request.session``
94	98
95	99	* ``get(key, default=None)``
	100
96	101	Example: ``fav_color = request.session.get('fav_color', 'red')``
97	102
98	103	* ``keys()``
…	…
101	106
102	107	* ``setdefault()`` (New in Django development version)
103	108
104		It also has these ~~three~~ methods:
	109	It also has these methods:
105	110
106	111	* ``set_test_cookie()``
	112
107	113	Sets a test cookie to determine whether the user's browser supports
108	114	cookies. Due to the way cookies work, you won't be able to test this
109	115	until the user's next page request. See "Setting test cookies" below for
110	116	more information.
111	117
112	118	* ``test_cookie_worked()``
	119
113	120	Returns either ``True`` or ``False``, depending on whether the user's
114	121	browser accepted the test cookie. Due to the way cookies work, you'll
115	122	have to call ``set_test_cookie()`` on a previous, separate page request.
116	123	See "Setting test cookies" below for more information.
117	124
118	125	* ``delete_test_cookie()``
	126
119	127	Deletes the test cookie. Use this to clean up after yourself.
120	128
	129	* ``set_expiry(value)``
	130
	131	New in Django development version
	132
	133	Sets a custom expiration for the session.
	134
	135	If ``value`` is an integer, the session will expire after that many
	136	seconds of inactivity. If set to ``0`` then the user's session cookie will
	137	expire when their browser is closed.
	138
	139	If ``value`` is a ``datetime`` or ``timedelta`` object, the session will
	140	expire at that specific time.
	141
	142	If ``value`` is ``None``, the session reverts to using the global session
	143	expiry policy.
	144
	145	* ``get_expiry_age()``
	146
	147	New in Django development version
	148
	149	Returns the number of seconds until this session expires. For sessions
	150	with no custom expiration (or those set to expire at browser close), this
	151	will equal ``settings.SESSION_COOKIE_AGE``.
	152
	153	* ``get_expiry_date()``
	154
	155	New in Django development version
	156
	157	Returns the date this session will expire. For sessions with no custom
	158	expiration (or those set to expire at browser close), this will equal the
	159	date ``settings.SESSION_COOKIE_AGE`` seconds from now.
	160
	161	* ``get_expire_at_browser_close()``
	162
	163	New in Django development version
	164
	165	Returns either ``True`` or ``False``, depending on whether the user's
	166	session cookie will expire when their browser is closed.
	167
121	168	You can edit ``request.session`` at any point in your view. You can edit it
122	169	multiple times.
123	170
…	…
278	325	her browser. Use this if you want people to have to log in every time they open
279	326	a browser.
280	327
	328	New in Django development version
	329
	330	This setting is a global default and can be overwritten at a per-session level
	331	by explicitly calling ``request.session.set_expiry()`` as described above in
	332	`using sessions in views`_.
	333
281	334	Clearing the session table
282	335	==========================
283	336

Code

Ticket #2548: session_middleware.22.diff

django/conf/global_settings.py

django/contrib/sessions/middleware.py

django/contrib/sessions/tests.py

django/contrib/sessions/backends/base.py

django/contrib/sessions/backends/cache.py

django/contrib/sessions/backends/db.py

AUTHORS

docs/sessions.txt

Download in other formats: