Ticket #2548: session_middleware.diff

contrib/sessions/middleware.py

@@ -12 +12 @@
         self.session_key = session_key
         self.accessed = False
         self.modified = False
+        self.expires_time = False
 
     def __contains__(self, key):
         return key in self._session
@@ -48 +49 @@
     def delete_test_cookie(self):
         del self[TEST_COOKIE_NAME]
 
+    def set_expires(self, val):
+        self.expires_time = val
+        self.modified = True
+
+    def get_expires(self):
+        return self.expires_time or settings.SESSION_COOKIE_AGE
+
+
     def _get_session(self):
         # Lazily loads session from storage.
         self.accessed = True
@@ -69 +78 @@
             return self._session_cache
 
     _session = property(_get_session)
+    expires = property(get_expires, set_expires)
 
 class SessionMiddleware(object):
     def process_request(self, request):
@@ -96 +106 @@
                     max_age = None
                     expires = None
                 else:
-                    max_age = settings.SESSION_COOKIE_AGE
-                    expires = datetime.datetime.strftime(datetime.datetime.utcnow() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT")
+                    max_age = request.session.expires
+                    delta_yield = datetime.datetime.now() + datetime.timedelta(seconds=max_age)
+                    expires = datetime.datetime.strftime(delta_yield, "%a, %d-%b-%Y %H:%M:%S GMT")
                 new_session = Session.objects.save(session_key, request.session._session,
-                    datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE))
+                    delta_yield)
                 response.set_cookie(settings.SESSION_COOKIE_NAME, session_key,
                     max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
                     secure=settings.SESSION_COOKIE_SECURE or None)