Ticket #16199: 16199.1.diff

File 16199.1.diff, 5.1 KB (added by jezdez, 4 years ago)

Ported over Eric's backend

  • new file django/contrib/sessions/backends/cookies.py

    diff --git a/django/contrib/sessions/backends/cookies.py b/django/contrib/sessions/backends/cookies.py
    new file mode 100644
    index 0000000..550d26b
    - +  
     1from django.conf import settings
     2from django.core import signing
     3
     4from django.contrib.sessions.backends.base import SessionBase
     5
     6
     7class SessionStore(SessionBase):
     8
     9    def load(self):
     10        """
     11        We load the data from the key itself instead of fetching from some
     12        external data store.
     13        """
     14        try:
     15            return signing.loads(self._session_key,
     16                max_age=settings.SESSION_COOKIE_AGE,
     17                salt='django.contrib.sessions.backends.cookies')
     18        except (signing.BadSignature, ValueError):
     19            self.create()
     20            return {}
     21
     22    def create(self):
     23        """
     24        To create a new key, we simply make sure that the modified flag is set
     25        so that the cookie is set on the client for the current request.
     26        """
     27        self.modified = True
     28
     29    def save(self):
     30        """
     31        To save, we get the session key as a securely signed string and then
     32        set the modified flag so that the cookie is set on the client for the
     33        current request.
     34        """
     35        self._session_key = self._get_session_key()
     36        self.modified = True
     37
     38    def exists(self, session_key=None):
     39        """
     40        This method makes sense when you're talking to a shared resource, but
     41        it doesn't matter when you're storing the information in the client's
     42        cookie.
     43        """
     44        return False
     45
     46    def delete(self, session_key=None):
     47        """
     48        To delete, we clear the session key and the underlying data structure
     49        and set the modified flag so that the cookie is set on the client for
     50        the current request.
     51        """
     52        self._session_key = ''
     53        self._session_cache = {}
     54        self.modified = True
     55
     56    def cycle_key(self):
     57        """
     58        Keeps the same data but with a new key.  To do this, we just have to
     59        call ``save()`` and it will automatically save a cookie with a new key
     60        at the end of the request.
     61        """
     62        self.save()
     63
     64    def _get_session_key(self):
     65        """
     66        Most session backends don't need to override this method, but we do,
     67        because instead of generating a random string, we want to actually
     68        generate a secure url-safe Base64-encoded string of data as our
     69        session key.
     70        """
     71        return signing.dumps(getattr(self, '_session_cache', {}),
     72            salt='django.contrib.sessions.backends.cookies', compress=True)
  • django/contrib/sessions/tests.py

    diff --git a/django/contrib/sessions/tests.py b/django/contrib/sessions/tests.py
    index 2eb43f3..af4c37d 100644
    a b from django.contrib.sessions.backends.db import SessionStore as DatabaseSession 
    77from django.contrib.sessions.backends.cache import SessionStore as CacheSession
    88from django.contrib.sessions.backends.cached_db import SessionStore as CacheDBSession
    99from django.contrib.sessions.backends.file import SessionStore as FileSession
     10from django.contrib.sessions.backends.cookies import SessionStore as CookieSession
    1011from django.contrib.sessions.models import Session
    1112from django.contrib.sessions.middleware import SessionMiddleware
    1213from django.core.exceptions import ImproperlyConfigured, SuspiciousOperation
    class SessionMiddlewareTests(unittest.TestCase): 
    361362        # Handle the response through the middleware
    362363        response = middleware.process_response(request, response)
    363364        self.assertTrue(response.cookies[settings.SESSION_COOKIE_NAME]['httponly'])
     365
     366
     367class CacheDBSessionTests(SessionTestsMixin, TestCase):
     368
     369    backend = CookieSession
     370
     371    def test_save(self):
     372        """
     373        This test tested exists() in the other session backends, but that
     374        doesn't make sense for us.
     375        """
     376        pass
  • docs/topics/http/sessions.txt

    diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt
    index 8529f53..4632641 100644
    a b defaults to output from ``tempfile.gettempdir()``, most likely ``/tmp``) to 
    9595control where Django stores session files. Be sure to check that your Web
    9696server has permissions to read and write to this location.
    9797
     98Using cookies-based sessions
     99----------------------------
     100
     101.. versionadded:: 1.4
     102
     103To use cookies-based sessions, set the :setting:`SESSION_ENGINE` setting to
     104``"django.contrib.sessions.backends.cookies"``. The session data will be
     105stored using Django's tools for :doc:`cryptographic signing </topics/signing>`
     106and the :setting:`SECRET_KEY` setting.
    98107
    99108Using sessions in views
    100109=======================
    Controls where Django stores session data. Valid values are: 
    420429    * ``'django.contrib.sessions.backends.file'``
    421430    * ``'django.contrib.sessions.backends.cache'``
    422431    * ``'django.contrib.sessions.backends.cached_db'``
     432    * ``'django.contrib.sessions.backends.cookies'``
    423433
    424434See `configuring the session engine`_ for more details.
    425435
Back to Top