Example #1
def make_ss(session):
    """Work out whether memcache and the datastore hold this session's data.

    Sets ``in_mc`` / ``in_db`` to True only when the copy stored under the
    session's SID decodes to exactly ``session.data``.  Only the part of the
    function shown in this listing is reproduced; nothing is returned here.
    """
    sid = session.sid
    if sid:
        # Session.__decode_data is private to Session, so it is reached via
        # its name-mangled attribute.
        # NOTE(review): presumably this deserializes the stored payload; if it
        # unpickles, the memcache/datastore contents must be trusted - confirm
        # against Session.
        pdump = memcache.get(sid)
        # This decode runs outside the try block below, so a decode error on
        # the memcache copy propagates to the caller.
        in_mc = bool(pdump and
                     session.data == Session._Session__decode_data(pdump))

        try:
            sm = SessionModel.get_by_key_name(sid)
            if not sm:
                in_db = False
                logger.info('session not in db at all')
            elif session.data == Session._Session__decode_data(sm.pdump):
                in_db = True
            else:
                in_db = False
                # NOTE(review): this writes both full session payloads to the
                # log.  Acceptable for test fixtures; with real user sessions
                # the payload may carry credentials or personal data.
                logger.info('in db, but stale: current=%s db=%s' %
                            (session.data,
                             Session._Session__decode_data(sm.pdump)))
        except Exception, e:
            # Deliberately broad: any datastore error counts as "not in db".
            # Because the decode calls sit inside the try body, a corrupt
            # stored record is also reported as a db failure.
            logging.warn('db failed: %s => %s' % (type(e), e))
            in_db = False  # db failure (perhaps it is down)
    else:
        # no SID means nothing can have been stored anywhere
        in_mc = in_db = False
Example #2
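    def __check_cookies(self):
        """Assert that the cookies in self.app.cookies match the expected session.

        The cookie values are joined in sorted key order and split by the
        fixed SIG_LEN / SID_LEN widths into signature, SID and a base64
        payload.  The SID must equal self.ss.sid, the signature must equal
        the HMAC recomputed with the configured cookie key, and the payload
        must match self.ss.data (or be empty when no data is expected in the
        cookie).  Any mismatch raises AssertionError.
        """
        # check the cookie to make sure it specifies a SID and is signed properly
        cookies = self.app.cookies
        if len(cookies) == 0:
            if self.ss.sid:
                # raised explicitly so the check survives `python -O`
                raise AssertionError('no cookie data received but we expected SID to be present')
            return  # no session + no cookie_data = correct!
        # sorted() gives the same ordering as keys() + sort() without relying
        # on keys() returning a mutable list
        aggr = ''.join(cookies[k] for k in sorted(cookies.keys()))
        sig = aggr[:SIG_LEN]
        sid = aggr[SIG_LEN:SIG_LEN+SID_LEN]
        data = aggr[SIG_LEN+SID_LEN:]
        pdump = b64decode(data)
        # compare by value: `is ''` only worked because CPython happens to
        # reuse one empty-string object
        if sid == '':
            sid = None
        assert self.ss.sid == sid, 'cookie specifies SID %s but we expected %s' % (sid, self.ss.sid)
        if not sid:
            assert sig == '', "sig should not be present if there is no sid"
        else:
            exp_sig = Session._Session__compute_hmac(self.app_args['cookie_key'], sid, pdump)
            # Plain == is fine for a test-side check.  Code that verifies this
            # signature on a live request should use a constant-time
            # comparison such as hmac.compare_digest instead.
            assert sig==exp_sig, 'cookie received with invalid sig %s (expected %s)' % (sig, exp_sig)

        # check the cookies' data too
        if self.data_should_be_in_cookie:
            # the payload is only decoded after the signature assertion above
            if pdump:
                data = Session._Session__decode_data(pdump)
            else:
                data = None
            assert self.ss.data==data, 'cookie does not contain the correct data:\n\tlocal:  %s\n\tcookie: %s' % (self.ss.data, data)
        else:
            assert len(pdump)==0, "cookie specifies data but there shouldn't be any"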
Example #3
def make_ss(session):
    """Compare the session's data with the copies in memcache and the datastore.

    ``in_mc`` and ``in_db`` end up True only when the stored copy for the
    session's SID decodes to exactly ``session.data``.  The listing shows no
    return statement, so none is reproduced here.
    """
    sid = session.sid
    if not sid:
        # without a SID there is nothing to look up
        in_mc = in_db = False
    else:
        pdump = memcache.get(sid)
        # Decoding goes through the name-mangled private Session.__decode_data.
        # NOTE(review): if that helper unpickles, it relies on the backing
        # stores being trusted - confirm against Session.
        in_mc = bool(pdump and session.data==Session._Session__decode_data(pdump))

        try:
            sm = SessionModel.get_by_key_name(sid)
            in_db = bool(sm and session.data==Session._Session__decode_data(sm.pdump))
            if not in_db:
                if sm:
                    # NOTE(review): both session payloads are logged in full;
                    # keep this to test data, since real sessions may hold
                    # credentials or personal data.
                    logger.info('in db, but stale: current=%s db=%s' % (session.data, Session._Session__decode_data(sm.pdump)))
                else:
                    logger.info('session not in db at all')
        except Exception, e:
            # Broad on purpose: every datastore problem is treated as "not in
            # db".  Decode errors raised inside the try body land here too.
            logging.warn('db failed: %s => %s' % (type(e), e))
            in_db = False  # db failure (perhaps it is down)
Example #4
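    def __check_cookies(self):
        """Verify the cookies in self.app.cookies against the expected session.

        Cookie values are concatenated in sorted key order, then cut by the
        fixed SIG_LEN / SID_LEN widths into signature, SID and base64 payload.
        Raises AssertionError when the SID, the HMAC signature or the payload
        does not match what self.ss and self.data_should_be_in_cookie expect.
        """
        # check the cookie to make sure it specifies a SID and is signed properly
        cookies = self.app.cookies
        if len(cookies) == 0:
            if self.ss.sid:
                # an explicit raise is not stripped under `python -O`
                raise AssertionError(
                    'no cookie data received but we expected SID to be present')
            return  # no session + no cookie_data = correct!
        # sorted() replaces keys() + in-place sort(); same order, and it does
        # not depend on keys() returning a list
        keys = sorted(cookies.keys())
        aggr = ''.join(cookies[k] for k in keys)
        sig = aggr[:SIG_LEN]
        sid = aggr[SIG_LEN:SIG_LEN + SID_LEN]
        data = aggr[SIG_LEN + SID_LEN:]
        pdump = b64decode(data)
        # value comparison; identity against a string literal depends on
        # interpreter string interning
        if sid == '':
            sid = None
        assert self.ss.sid == sid, 'cookie specifies SID %s but we expected %s' % (
            sid, self.ss.sid)
        if not sid:
            assert sig == '', "sig should not be present if there is no sid"
        else:
            exp_sig = Session._Session__compute_hmac(
                self.app_args['cookie_key'], sid, pdump)
            # == is adequate in a test; request-path verification of the same
            # signature should compare in constant time (hmac.compare_digest).
            assert sig == exp_sig, 'cookie received with invalid sig %s (expected %s)' % (
                sig, exp_sig)

        # check the cookies' data too
        if self.data_should_be_in_cookie:
            # decoding happens only after the signature assertion has passed
            if pdump:
                data = Session._Session__decode_data(pdump)
            else:
                data = None
            assert self.ss.data == data, 'cookie does not contain the correct data:\n\tlocal:  %s\n\tcookie: %s' % (
                self.ss.data, data)
        else:
            assert len(
                pdump) == 0, "cookie specifies data but there shouldn't be any"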