Ticket #2548: session_middleware.15.diff
| File session_middleware.15.diff, 10.0 KB (added by , 17 years ago) |
|---|
-
django/contrib/sessions/middleware.py
25 25 if accessed: 26 26 patch_vary_headers(response, ('Cookie',)) 27 27 if modified or settings.SESSION_SAVE_EVERY_REQUEST: 28 if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE:28 if request.session.get_expire_at_browser_close(): 29 29 max_age = None 30 30 expires = None 31 31 else: 32 max_age = settings.SESSION_COOKIE_AGE 33 rfcdate = formatdate(time.time() + settings.SESSION_COOKIE_AGE) 34 32 max_age = request.session.get_max_age() 33 expiry_date = request.session.get_expiry_date() 35 34 # Fixed length date must have '-' separation in the format 36 35 # DD-MMM-YYYY for compliance with Netscape cookie standard 37 expires = datetime.datetime.strftime(datetime.datetime.utcnow() + \ 38 datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT") 36 expires = expiry_date.strftime('%a, %d-%b-%Y %H:%M:%S GMT') 39 37 40 38 # Save the seesion data and refresh the client cookie. 41 39 request.session.save() -
django/contrib/sessions/tests.py
75 75 76 76 >>> s.pop('some key', 'does not exist') 77 77 'does not exist' 78 79 ######################### 80 # Custom session expiry # 81 ######################### 82 83 >>> from django.conf import settings 84 >>> from datetime import datetime, timedelta 85 86 >>> td10 = timedelta(seconds=10) 87 88 # A normal session has a max age equal to settings 89 >>> s.get_max_age() == settings.SESSION_COOKIE_AGE 90 True 91 92 # So does a custom session with an idle expiration time of 0 (but it'll expire 93 # at browser close) 94 >>> s.set_expiry(0) 95 >>> s.get_max_age() == settings.SESSION_COOKIE_AGE 96 True 97 98 # Custom session idle expiration time 99 >>> s.set_expiry(10) 100 >>> delta = s.get_expiry_date() - datetime.utcnow() 101 >>> delta.seconds in (9, 10) 102 True 103 >>> age = s.get_max_age() 104 >>> age in (9, 10) 105 True 106 107 # Custom session fixed expiry date (timedelta) 108 >>> s.set_expiry(td10) 109 >>> delta = s.get_expiry_date() - datetime.utcnow() 110 >>> delta.seconds in (9, 10) 111 True 112 >>> age = s.get_max_age() 113 >>> age in (9, 10) 114 True 115 116 # Custom session fixed expiry date (fixed datetime) 117 >>> s.set_expiry(datetime.utcnow() + td10) 118 >>> delta = s.get_expiry_date() - datetime.utcnow() 119 >>> delta.seconds in (9, 10) 120 True 121 >>> age = s.get_max_age() 122 >>> age in (9, 10) 123 True 124 125 # Set back to default session age 126 >>> s.set_expiry(None) 127 >>> s.get_max_age() == settings.SESSION_COOKIE_AGE 128 True 129 130 # Allow to set back to default session age even if no alternate has been set 131 >>> s.set_expiry(None) 132 133 134 # We're changing the setting then reverting back to the original setting at the 135 # end of these tests. 136 >>> original_expire_at_browser_close = settings.SESSION_EXPIRE_AT_BROWSER_CLOSE 137 >>> settings.SESSION_EXPIRE_AT_BROWSER_CLOSE = False 138 139 # Custom session age 140 >>> s.set_expiry(10) 141 >>> s.get_expire_at_browser_close() 142 False 143 144 # Custom expire-at-browser-close 145 >>> s.set_expiry(0) 146 >>> s.get_expire_at_browser_close() 147 True 148 149 # Default session age 150 >>> s.set_expiry(None) 151 >>> s.get_expire_at_browser_close() 152 False 153 154 >>> settings.SESSION_EXPIRE_AT_BROWSER_CLOSE = True 155 156 # Custom session age 157 >>> s.set_expiry(10) 158 >>> s.get_expire_at_browser_close() 159 False 160 161 # Custom expire-at-browser-close 162 >>> s.set_expiry(0) 163 >>> s.get_expire_at_browser_close() 164 True 165 166 # Default session age 167 >>> s.set_expiry(None) 168 >>> s.get_expire_at_browser_close() 169 True 170 171 >>> settings.SESSION_EXPIRE_AT_BROWSER_CLOSE = original_expire_at_browser_close 78 172 """ 79 173 80 174 if __name__ == '__main__': -
django/contrib/sessions/backends/base.py
4 4 import random 5 5 import sys 6 6 import time 7 from datetime import datetime, timedelta 7 8 from django.conf import settings 8 9 from django.core.exceptions import SuspiciousOperation 9 10 … … 120 121 121 122 _session = property(_get_session) 122 123 124 def get_max_age(self): 125 expiry = self.get('_session_expiry') 126 if not expiry: # Checks both None and 0 cases 127 return settings.SESSION_COOKIE_AGE 128 if not isinstance(expiry, datetime): 129 return expiry 130 delta = expiry - datetime.utcnow() 131 return delta.days * 86400 + delta.seconds 132 133 def get_expiry_date(self): 134 "Returns the expiry date (in UTC)" 135 expiry = self.get('_session_expiry', settings.SESSION_COOKIE_AGE) 136 if isinstance(expiry, datetime): 137 return expiry 138 return datetime.utcnow() + timedelta(seconds=expiry) 139 140 def set_expiry(self, value): 141 """ 142 Sets a custom expiration for the session. ``value`` can be an integer, a 143 Python ``datetime`` or ``timedelta`` object or ``None``. 144 145 If ``value`` is an integer, the session will expire after that many 146 seconds of inactivity. If set to ``0`` then the session will expire on 147 browser close. 148 149 If ``value`` is a ``datetime`` or ``timedelta`` object, the session 150 will expire at that specific future time (``datetime`` objects should be 151 UTC). 152 153 If ``value`` is ``None``, the session uses the global session expiry 154 policy. 155 """ 156 if value is None: 157 # Remove any custom expiration for this session. 158 try: 159 del self['_session_expiry'] 160 except KeyError: 161 pass 162 return 163 if isinstance(value, timedelta): 164 value = datetime.utcnow() + value 165 self['_session_expiry'] = value 166 167 def get_expire_at_browser_close(self): 168 if self.get('_session_expiry') is None: 169 return settings.SESSION_EXPIRE_AT_BROWSER_CLOSE 170 return self.get('_session_expiry') == 0 171 123 172 # Methods that child classes must implement. 124 173 125 174 def exists(self, session_key): -
AUTHORS
311 311 tstromberg@google.com 312 312 Makoto Tsuyuki <mtsuyuki@gmail.com> 313 313 tt@gurgle.no 314 Amit Upadhyay 314 Amit Upadhyay <http://www.amitu.com/blog/> 315 315 Geert Vanderkelen 316 316 viestards.lists@gmail.com 317 317 George Vilches <gav@thataddress.com> -
docs/sessions.txt
80 80 It implements the following standard dictionary methods: 81 81 82 82 * ``__getitem__(key)`` 83 83 84 Example: ``fav_color = request.session['fav_color']`` 84 85 85 86 * ``__setitem__(key, value)`` 87 86 88 Example: ``request.session['fav_color'] = 'blue'`` 87 89 88 90 * ``__delitem__(key)`` 91 89 92 Example: ``del request.session['fav_color']``. This raises ``KeyError`` 90 93 if the given ``key`` isn't already in the session. 91 94 92 95 * ``__contains__(key)`` 96 93 97 Example: ``'fav_color' in request.session`` 94 98 95 99 * ``get(key, default=None)`` 100 96 101 Example: ``fav_color = request.session.get('fav_color', 'red')`` 97 102 98 103 * ``keys()`` 99 104 100 105 * ``items()`` 101 106 102 It also has these threemethods:107 It also has these methods: 103 108 104 109 * ``set_test_cookie()`` 110 105 111 Sets a test cookie to determine whether the user's browser supports 106 112 cookies. Due to the way cookies work, you won't be able to test this 107 113 until the user's next page request. See "Setting test cookies" below for 108 114 more information. 109 115 110 116 * ``test_cookie_worked()`` 117 111 118 Returns either ``True`` or ``False``, depending on whether the user's 112 119 browser accepted the test cookie. Due to the way cookies work, you'll 113 120 have to call ``set_test_cookie()`` on a previous, separate page request. 114 121 See "Setting test cookies" below for more information. 115 122 116 123 * ``delete_test_cookie()`` 124 117 125 Deletes the test cookie. Use this to clean up after yourself. 118 126 127 * ``set_expiry(value)`` 128 129 Sets a custom expiration for the session. 130 131 If ``value`` is an integer, the session will expire after that many 132 seconds of inactivity. If set to ``0`` then the session will expire when 133 the user's browser is closed. 134 135 If ``value`` is a ``datetime`` or ``timedelta`` object, the session will 136 expire at that specific time. 137 138 If ``value`` is ``None``, the session reverts to using the global session 139 expiry policy. 140 141 * ``get_max_age()`` 142 143 Returns the number of seconds until this session expires. For sessions 144 with no custom expiration (or those set to expire at browser close), this 145 will equal ``settings.SESSION_COOKIE_AGE``. 146 147 * ``get_expiry_date()`` 148 149 Returns the date this session will expire. For sessions with no custom 150 expiration (or those set to expire at browser close), this will equal the 151 date ``settings.SESSION_COOKIE_AGE`` seconds from now. 152 153 * ``get_expire_at_browser_close()`` 154 155 Returns either ``True`` or ``False``, depending on whether this session 156 will expire when the user's browser is closed. 157 119 158 You can edit ``request.session`` at any point in your view. You can edit it 120 159 multiple times. 121 160 … … 276 315 her browser. Use this if you want people to have to log in every time they open 277 316 a browser. 278 317 318 This setting is a global default and can be overwritten by explicitly calling 319 ``request.session.set_expiry()`` as described above in 320 `using sessions in views`_. 321 279 322 Clearing the session table 280 323 ========================== 281 324