Ticket #2548: session_middleware.7.diff
| File session_middleware.7.diff, 6.1 kB (added by upadhyay@gmail.com, 1 year ago) |
|---|
-
AUTHORS
old new 229 229 Karen Tracey <graybark@bellsouth.net> 230 230 Makoto Tsuyuki <mtsuyuki@gmail.com> 231 231 tt@gurgle.no 232 Amit Upadhyay 232 Amit Upadhyay <http://www.amitu.com/blog/> 233 233 Geert Vanderkelen 234 234 viestards.lists@gmail.com 235 235 Milton Waddams -
django/contrib/sessions/middleware.py
old new 1 1 from django.conf import settings 2 from django.contrib.sessions.models import Session 2 from django.contrib.sessions.models import Session, TILL_BROWSER_CLOSE 3 3 from django.core.exceptions import SuspiciousOperation 4 4 from django.utils.cache import patch_vary_headers 5 5 import datetime … … 48 48 def delete_test_cookie(self): 49 49 del self[TEST_COOKIE_NAME] 50 50 51 def set_life(self, val): 52 """ 53 sets the life of the session, irrespective of global settings. 54 val is in seconds. 55 56 django.contrib.sessions.models.TILL_BROWSER_CLOSE can also be passed 57 to ask django to quell session on browser close, overwriting global settings. 58 """ 59 if val == TILL_BROWSER_CLOSE: 60 self["_expires_on"] = TILL_BROWSER_CLOSE 61 else: 62 self["_expires_on"] = datetime.datetime.now() + datetime.timedelta(seconds=val) 63 51 64 def _get_session(self): 52 65 # Lazily loads session from storage. 53 66 self.accessed = True … … 92 105 obj = Session.objects.get_new_session_object() 93 106 session_key = obj.session_key 94 107 95 if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE: 96 max_age = None 97 expires = None 98 else: 99 max_age = settings.SESSION_COOKIE_AGE 100 expires = datetime.datetime.strftime(datetime.datetime.utcnow() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT") 101 new_session = Session.objects.save(session_key, request.session._session, 102 datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)) 103 response.set_cookie(settings.SESSION_COOKIE_NAME, session_key, 108 now = datetime.datetime.now() 109 delta_yield = now + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE) 110 if ( 111 ( 112 # if session is set to expire on browser close globally 113 settings.SESSION_EXPIRE_AT_BROWSER_CLOSE and 114 # but someone did not set _expires_on, or set it to TILL_BROWSER_CLOSE 115 request.session.get("_expires_on", TILL_BROWSER_CLOSE) == TILL_BROWSER_CLOSE 116 ) or 117 ( 118 # if someone asked as to expire on browser close irrespective of global setting 119 request.session.get("_expires_on") == TILL_BROWSER_CLOSE 120 ) 121 ): 122 max_age = None # session expiry is simulated by cookie deletion. 123 expires = None # which is done by setting these two to None 124 else: # session need to be preserved, cookie has to be set 125 delta_yield = request.session.get("_expires_on", delta_yield) 126 max_age_timedelta = delta_yield - now 127 max_age = max_age_timedelta.days * 24 * 60 * 60 + max_age_timedelta.seconds 128 expires = datetime.datetime.strftime(delta_yield, "%a, %d-%b-%Y %H:%M:%S GMT") 129 Session.objects.save(session_key, request.session._session, delta_yield) 130 response.set_cookie( 131 settings.SESSION_COOKIE_NAME, session_key, 104 132 max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN, 105 secure=settings.SESSION_COOKIE_SECURE or None) 133 secure=settings.SESSION_COOKIE_SECURE or None 134 ) 106 135 return response -
django/contrib/sessions/models.py
old new 4 4 from django.utils.translation import gettext_lazy as _ 5 5 from django.conf import settings 6 6 7 TILL_BROWSER_CLOSE = -1 8 7 9 class SessionManager(models.Manager): 8 10 def encode(self, session_dict): 9 11 "Returns the given session dictionary pickled and encoded as a string." -
docs/sessions.txt
old new 58 58 59 59 * ``items()`` 60 60 61 It also has these threemethods:61 It also has these four methods: 62 62 63 63 * ``set_test_cookie()`` 64 64 Sets a test cookie to determine whether the user's browser supports … … 75 75 * ``delete_test_cookie()`` 76 76 Deletes the test cookie. Use this to clean up after yourself. 77 77 78 * ``set_life(val)`` 79 It takes an integer, number of seconds for which the session should be 80 valid. It can also take django.contrib.session.models.TILL_BROWSER_CLOSE, 81 that will quell the session at the close of browser. Calling set_life 82 will overwrite the global/default session expiry policy. See 83 `browser-length sessions vs. persistent sessions` for default session expiry 84 policy. 85 78 86 You can edit ``request.session`` at any point in your view. You can edit it 79 87 multiple times. 80 88 … … 217 225 her browser. Use this if you want people to have to log in every time they open 218 226 a browser. 219 227 228 These settings are global defaults, and can be overwritten by explicitly calling 229 ``request.session.set_life()`` as described above. 230 220 231 Clearing the session table 221 232 ========================== 222 233
