def set_cookie(request: Request, response: Response, name: str, value: str):
if request.app['config'].get('authn.cookie.secure'):
cookie_secure: Optional[str] = 'yes'
else:
cookie_secure = None
response.set_cookie(name, value, secure=cookie_secure, httponly='yes')
def set(self, http_response: Response, user_id) -> None:
session = self._gen_secret_session(user_id)
http_response.set_cookie(
SessionManager.session_name,
value=session
)
return http_response
async def test_no_warn_small_cookie(buf: Any, writer: Any) -> None:
resp = Response()
resp.set_cookie("foo", "ÿ" + "8" * 4064, max_age=2600) # No warning
req = make_request("GET", "/", writer=writer)
await resp.prepare(req)
await resp.write_eof()
cookie = re.search(b"Set-Cookie: (.*?)\r\n", buf).group(1)
assert len(cookie) == 4096
async def post(self, request):
payload = await request.json()
jsonschema.validate(payload,
AUTHENTICATE_CREATE,
format_checker=jsonschema.draft4_format_checker)
payload = payload.get('data')
user = await self.users.check_credentials(payload)
result = await self.sessions.create(user)
response = Response(text=json.dumps(result))
response.content_type = 'application/json'
response.set_status(201)
response.set_cookie('SESSION', result['data']['id'], httponly=True)
return response
async def test_warn_large_cookie(buf: Any, writer: Any) -> None:
resp = Response()
with pytest.warns(
UserWarning,
match=
"The size of is too large, it might get ignored by the client.",
):
resp.set_cookie("foo", "ÿ" + "8" * 4065, max_age=2600)
req = make_request("GET", "/", writer=writer)
await resp.prepare(req)
await resp.write_eof()
cookie = re.search(b"Set-Cookie: (.*?)\r\n", buf).group(1)
assert len(cookie) == 4097
def set_cookie(self, request: Request, response: Response, userid: str):
key = request.app['cookie_key']
value = urlsafe_b64encode(crypt(key, userid)).decode('utf-8')
config = request.app['config']
cookie_name: str = config.get('authn.cookie.id_name')
cookie_max_age: int = config.get('authn.cookie.max_age')
if config.get('authn.cookie.secure'):
cookie_secure: Optional[str] = 'yes'
else:
cookie_secure = None
logger.debug('Set cookie %s=%s', cookie_name, value)
response.set_cookie(cookie_name,
value,
max_age=cookie_max_age,
secure=cookie_secure,
httponly='yes')
def make_json_response(
result: Optional[Dict] = None,
status: int = 200,
set_cookies: Optional[Dict[str, str]] = None,
wrap_result: bool = True,
) -> Response:
response = Response(
text=json.dumps(({
"ok": (status == 200),
"result": (result or {}),
} if wrap_result else result),
sort_keys=True,
indent=4),
status=status,
content_type="application/json",
)
if set_cookies:
for (key, value) in set_cookies.items():
response.set_cookie(key, value)
return response
def set_cookie(self, response: web.Response) -> web.Response:
response.set_cookie(name=self.AUTH_COOKIE_KEY,
value=self.user_token.access_token,
secure=True)
return response
async def set_dummy(response: web.Response):
response.set_cookie('dummy', 'dummy-cookie')
