Ticket #18194: files-sessions-server-expiry-2.patch

File files-sessions-server-expiry-2.patch, 3.0 KB (added by crodjer, 3 years ago)

Patch 2 - Added a test to represent the problem statement and a separate function to check file session expiry.

  • django/contrib/sessions/backends/file.py

    diff --git a/django/contrib/sessions/backends/file.py b/django/contrib/sessions/backends/file.py
    index 0f86908..7b71ede 100644
    a b  
    11import errno
    22import os
    33import tempfile
     4import time
    45
    56from django.conf import settings
    67from django.contrib.sessions.backends.base import SessionBase, CreateError
    class SessionStore(SessionBase): 
    4950        try:
    5051            with open(self._key_to_file(), "rb") as session_file:
    5152                file_data = session_file.read()
    52             # Don't fail if there is no data in the session file.
    53             # We may have opened the empty placeholder file.
    54             if file_data:
    55                 try:
    56                     session_data = self.decode(file_data)
    57                 except (EOFError, SuspiciousOperation):
     53                # Create new session in case of an expired one
     54                if self._expired():
    5855                    self.create()
     56                # Don't fail if there is no data in the session file.
     57                # We may have opened the empty placeholder file.
     58                elif file_data:
     59                    try:
     60                        session_data = self.decode(file_data)
     61                    except (EOFError, SuspiciousOperation):
     62                        self.create()
    5963        except IOError:
    6064            self.create()
    6165        return session_data
    class SessionStore(SessionBase): 
    127131        except (OSError, IOError, EOFError):
    128132            pass
    129133
     134    def _expired(self):
     135        # The age of session file from last modify time
     136        age = time.time() - os.path.getmtime(self._key_to_file())
     137        return age > settings.SESSION_COOKIE_AGE
     138
    130139    def exists(self, session_key):
    131140        return os.path.exists(self._key_to_file(session_key))
    132141
  • django/contrib/sessions/tests.py

    diff --git a/django/contrib/sessions/tests.py b/django/contrib/sessions/tests.py
    index 92ea6bb..d6da388 100644
    a b class FileSessionTests(SessionTestsMixin, unittest.TestCase): 
    345345        self.assertRaises(SuspiciousOperation,
    346346                          self.backend("a/b/c").load)
    347347
     348    # This test fails with cookie and cache session, thats why added it to
     349    # file tests only.
     350    @override_settings(SESSION_COOKIE_AGE=0)
     351    def test_onload_expiry_check(self):
     352        """
     353        Test to ensure that expiry of session is checked on-load
     354        """
     355
     356        self.session['test-data'] = True
     357        old_key = self.session.session_key
     358        self.session.save()
     359        self.assertTrue(self.session.get('test-data'))
     360        self.session.load()
     361        new_key = self.session.session_key
     362
     363        # Make sure a new key was generated after the invalidation of the old
     364        # one.
     365        self.assertNotEqual(old_key, new_key)
     366        # The key test-data should not be present in the session.
     367        self.assertFalse(self.session.get('test-data'))
    348368
    349369class CacheSessionTests(SessionTestsMixin, unittest.TestCase):
    350370
Back to Top