def save_session(self, app, session, response): try: domain = self.get_cookie_domain(app) path = self.get_cookie_path(app) httponly = self.get_cookie_secure(app) secure = self.get_cookie_secure(app) expires = self.get_expiration_time(app, session) response.set_cookie(app.session_cookie_name, session['key'], expires=expires, httponly=httponly, domain=domain, path=path, secure=secure) try: obj = DjangoSession.objects.get(session_key=session['key']) except DjangoSession.DoesNotExist: obj = DjangoSession(session_key=session['key']) obj.session_data = pickle.dumps(dict(session)) obj.expire_date = expires or (datetime.now() + timedelta(days=30)) obj.save() finally: close_old_connections()
def save(self, must_create=False, schema=None): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ if schema == None: # add schema import inspect fx = inspect.stack() error_detail = "" for x in fx: error_detail += "\n\t {0}, line {1}".format(fx[1], fx[2]) raise (Exception( "can not call ''{1}'' without schema in '{0}'.\nDetail:\n{2}". format(__file__, "db.save", error_detail))) obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) try: with transaction.atomic(using=using): obj.save(force_insert=must_create, using=using, schema=schema) except IntegrityError: if must_create: raise CreateError raise
def authorize(request): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( CLIENT_SECRETS_FILE, scopes=SCOPES) flow.redirect_uri = '{0}/MyResources/oauth2callback'.format( '{scheme}://{host}'.format(host=request.get_host(), scheme=request.META.get('HTTP_X_FORWARDED_PROTO', 'http'))) authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. access_type='offline', # Enable incremental authorization. Recommended as a best practice. include_granted_scopes='true') # Store the state so the callback can verify the auth server response. try: session_state = Session.objects.get(session_key='state') session_state.session_data = state session_state.save() except Exception: session_state = Session(session_key='state', session_data=state, expire_date=zone.replace(year=2025)) session_state.save() session['state'] = state return redirect(authorization_url)
def save(self, must_create=False): obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) sid = transaction.savepoint(using=using) try: obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: transaction.savepoint_rollback(sid, using=using) raise CreateError raise data = self.encode(self._get_session(no_load=must_create)) formated_cookie = pickle.loads( base64.decodestring(data).split(":", 1)[1]) for k in formated_cookie: if type(formated_cookie[k]) is long: formated_cookie[k] = int(formated_cookie[k]) formated_cookie = json.dumps(formated_cookie) if redis.VERSION[0] >= 2: self.server.setex( self.get_real_stored_key(self._get_or_create_session_key()), self.get_expiry_age(), formated_cookie) else: self.server.set( self.get_real_stored_key(self._get_or_create_session_key()), formated_cookie) self.server.expire( self.get_real_stored_key(self._get_or_create_session_key()), self.get_expiry_age())
def save(self, must_create=False,schema = None): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ if schema == None: # add schema import inspect fx = inspect.stack() error_detail = "" for x in fx: error_detail += "\n\t {0}, line {1}".format(fx[1], fx[2]) raise ( Exception( "can not call ''{1}'' without schema in '{0}'.\nDetail:\n{2}".format( __file__, "db.save", error_detail ))) obj = Session( session_key=self._get_or_create_session_key(), session_data=self.encode(self._get_session(no_load=must_create)), expire_date=self.get_expiry_date() ) using = router.db_for_write(Session, instance=obj) try: with transaction.atomic(using=using): obj.save(force_insert=must_create, using=using, schema = schema) except IntegrityError: if must_create: raise CreateError raise
def test_configauth_delete_sessions(self): session = Session( session_key="session_key", expire_date=datetime.utcnow() + timedelta(days=1), ) session.save() call_command("configauth", rbac_url="") self.assertFalse(Session.objects.all().exists())
def get(self, request): try: account_id = request.user.id session_key = request.session.session_key logout(request) Session.remove(account_id, session_key) finally: return Response(status=status.HTTP_200_OK)
def setUp(self): from django_facebook import api from django_facebook.tests.mock_official_sdk import MockFacebookAPI api.FacebookAPI = MockFacebookAPI rf = RequestFactory() self.request = request = rf.get('/') request.user = AnonymousUser() from django.contrib.sessions.models import Session session = Session() request.session = session.get_decoded() print request.session
def save_session(self, app, session, response): try: obj = DjangoSession.objects.get(session_key=session['key']) except DjangoSession.DoesNotExist: obj = DjangoSession(session_key=session['key']) obj.session_data = json.dumps(dict(session, fix_imports=True)) obj.expire_date = get_datetime_now() + timedelta(days=365) obj.save() close_old_connections()
def _save(self, must_create, session): if must_create and ( cache.get('session-' + self.session_key) is not None or Session.get_by_key_name('k:' + self.session_key)): raise CreateError cache.delete('session-' + self.session_key) entity = Session(key_name='k:' + self.session_key, data=self.encode(session), expiry=self.get_expiry_date()) entity.put() cache.set('session-' + self.session_key, session, 1200)
def testRemoveExpiredUsers(self): # Users wihout usable passwords who don't have a current session record should be removed. u1 = User.objects.create_user(username_from_session("dummy"), "") u2 = User.objects.create_user("dummy2", "") s = Session(session_key="dummy", session_data="", expire_date=datetime.datetime.now() + datetime.timedelta(1)) s.save() c = remove_expired_users.Command() c.handle() users = User.objects.all() self.assertEqual(1, len(users)) self.assertEqual(u1, users[0])
def handle_noargs(self, *args, **kwargs): session_keys = backend.keys('*') count = len(session_keys) counter = 1 self.stdout.write('sessions to copy %d\n' % count) for session_key in session_keys: self.stdout.write('processing %d of %d\n' % (counter, count)) session_data = backend.get(session_key) if session_data is not None: try: SessionStore().decode(session_data) except (Error, TypeError): continue expire_date = timezone.now() + datetime.timedelta( seconds=backend.expire(session_key)) session_key = utils.remove_prefix(session_key) Session.objects.filter(session_key=session_key).delete() Session(session_key=session_key, session_data=session_data, expire_date=expire_date).save() counter += 1
def _gae_get_session(self, session_key): session = Session.get_by_key_name('k:' + session_key) if session: if session.expiry > datetime.now(): return session session.delete() return None
def test_check_anonymous_user_session_no_session(self, mock_User_filter, mock_UserSession_filter): mock_user = Mock(id=1) call_mock_User_filter = [mock_user] mock_session = Mock(id=2) # user_session.session p = PropertyMock( return_value=3, side_effect=Session.DoesNotExist('Object Does not exist')) type(mock_session).session = p call_mock_UserSession_filter = [mock_session] mock_User_filter.return_value = call_mock_User_filter mock_UserSession_filter.return_value = call_mock_UserSession_filter mock_user_del = Mock() mock_user.delete = mock_user_del # response = check_anonymous() mock_user_del.assert_called_once_with() mock_User_filter.assert_called_with(groups__name='Temporary') mock_UserSession_filter.assert_called_with( user__groups__name='Temporary')
def test_list_autofetches_list_both_session_and_user(self): user = User.objects.create(username="******", email="*****@*****.**") session = Session(session_key="foo") workflow = Workflow.create_and_init(owner_id=user.id) workflow.tabs.first().steps.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=datetime.datetime.now(), update_interval=1200, ) workflow2 = Workflow.create_and_init(anonymous_owner_session_key="foo") workflow2.tabs.first().steps.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=datetime.datetime.now(), update_interval=600, ) result = list_autofetches_json({"user": user, "session": session}) self.assertEqual( [a["workflow"]["id"] for a in result["autofetches"]], [workflow2.id, workflow.id], # ordered by update_interval )
def create_client(self): patcher = mocked_relations(User, Session) patcher.start() self.addCleanup(patcher.stop) user = User(pk=users.KIVE_USER_PK) User.objects.add(user) User.objects.model = User # noinspection PyUnresolvedReferences patcher = patch.object(User._meta, 'default_manager', User.objects) patcher.start() self.addCleanup(patcher.stop) dummy_session_key = 'dummysession' dummy_session = Session(session_key=dummy_session_key, expire_date=now() + timedelta(days=1), session_data=SessionStore().encode({ SESSION_KEY: users.KIVE_USER_PK, HASH_SESSION_KEY: user.get_session_auth_hash(), BACKEND_SESSION_KEY: 'django.contrib.auth.backends.ModelBackend' })) Session.objects.add(dummy_session) client = Client() client.cookies[settings.SESSION_COOKIE_NAME] = dummy_session_key client.force_login(kive_user()) return client
def build_request(self, **kwargs): request_kwargs = { "request_id": kwargs.get("request_id", 1), "scope": kwargs.get( "scope", { "user": kwargs.get("user", AnonymousUser()), "session": kwargs.get("session", Session()), "headers": kwargs.get("headers", ()), }, ), "workflow": kwargs.get("workflow", Workflow()), "path": kwargs.get("path", "test.path"), "arguments": kwargs.get("arguments", {}), } for key in list(request_kwargs["scope"].keys()) + list(request_kwargs.keys()): try: del kwargs[key] except KeyError: pass # Turn other params, like `wf_module_id=123`, into # `arguments={'wf_module_id':123}` request_kwargs["arguments"].update(kwargs) return HandlerRequest(**request_kwargs)
def build_request(self, **kwargs): request_kwargs = { 'request_id': kwargs.get('request_id', 1), 'scope': kwargs.get( 'scope', { 'user': kwargs.get('user', AnonymousUser()), 'session': kwargs.get('session', Session()), 'headers': kwargs.get('headers', ()), }), 'workflow': kwargs.get('workflow', Workflow()), 'path': kwargs.get('path', 'test.path'), 'arguments': kwargs.get('arguments', {}), } for key in (list(request_kwargs['scope'].keys()) + list(request_kwargs.keys())): try: del kwargs[key] except KeyError: pass # Turn other params, like `wf_module_id=123`, into # `arguments={'wf_module_id':123}` request_kwargs['arguments'].update(kwargs) return HandlerRequest(**request_kwargs)
def test_auth_owner_anonymous_owner(self): user = AnonymousUser() session = Session(session_key="foo") workflow = Workflow(anonymous_owner_session_key=session.session_key) ret = self.run_handler( handle_owner, user=user, session=session, workflow=workflow ) self.assertHandlerResponse(ret, {"role": "owner"})
def testRemoveExpiredUsers(self): # Users wihout usable passwords who don't have a current session record should be removed. u1 = User.objects.create_user(username_from_session('dummy'), '') u2 = User.objects.create_user('dummy2', '') s = Session( session_key='dummy', session_data='', expire_date=datetime.datetime.now() + datetime.timedelta(1) ) s.save() c = remove_expired_users.Command() c.handle() users = User.objects.all() self.assertEqual(1, len(users)) self.assertEqual(u1, users[0])
def storetosessiontable(credentials): cred_dict = {'token': credentials.token, 'refresh_token': credentials.refresh_token, 'token_uri': credentials.token_uri, 'client_id': credentials.client_id, 'client_secret': credentials.client_secret, 'scopes': credentials.scopes} try: session_ = Session.objects.get(session_key='credentials') session_.session_data = cred_dict session.expire_date = zone.replace(year=2025) session_.save() except Exception: session_ = Session(session_data=cred_dict, expire_date=zone.replace(year=2025), session_key='credentials') session_.save()
def test_auth_write_anonymous_owner(self): user = AnonymousUser() session = Session(session_key='foo') workflow = Workflow(anonymous_owner_session_key=session.session_key) ret = self.run_handler(handle_write, user=user, session=session, workflow=workflow) self.assertHandlerResponse(ret, {'role': 'write'})
def change_server_time(time): if SimulationTime.session is None: #Create a new session s = SessionStore(session_key='') s.save() old_s = Session.objects.get(session_key=s.session_key) #Copy it to a column with an id fixed new_session = Session(session_key=settings.SESSION_ID_SIMU, session_data=old_s.session_data, expire_date=old_s.expire_date) new_session.save() #Change the current date session_dictionary = SessionStore(session_key=settings.SESSION_ID_SIMU) SimulationTime.session = session_dictionary SimulationTime.session['current_date'] = time SimulationTime.session.save()
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ obj = Session(session_key=self.session_key, session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) sid = transaction.savepoint() try: obj.save(force_insert=must_create) except IntegrityError: if must_create: transaction.savepoint_rollback(sid) raise CreateError raise
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) try: with transaction.atomic(using=using): obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: raise CreateError raise
def _do_request(http_method, view, user, data=None, param=None, content_type="application/json"): """Execute the http_method request. Args: http_method: HTTP method. view: View method called by the request. user: User for the request. data: Data. param: View method params. content_type: Content-Type of the data passed. Returns: Response: Request response. """ # Pre-process data depending on its content-type. GET request don't have # a content-type and the processing is bypassed in this case. if http_method != "GET": if content_type == "application/json": data = json.dumps(data) url = "/dummy_url" factory = APIRequestFactory() # Request by http_method. if http_method == "GET": request = factory.get(url, data=data) elif http_method == "POST": request = factory.post(url, data=data, content_type=content_type) elif http_method == "PUT": request = factory.put(url, data=data, content_type=content_type) elif http_method == "DELETE": request = factory.delete(url, data=data, content_type=content_type) elif http_method == "PATCH": request = factory.patch(url, data=data, content_type=content_type) else: return HttpResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED) # Set the user request.user = user # Set the session request.session = Session(session_key="KEY") # i18n. Get django validation messages. get_wsgi_application() # Do not use CSRF checks. request._dont_enforce_csrf_checks = True if param: view_ = view(request, **param) else: view_ = view(request) return view_
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ obj = Session( session_key=self._get_or_create_session_key(), session_data=self.encode(self._get_session(no_load=must_create)), expire_date=self.get_expiry_date() ) using = router.db_for_write(Session, instance=obj) try: with transaction.atomic(using=using): obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: raise CreateError raise
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ obj = Session( session_key = self.session_key, session_data = self.encode(self._get_session(no_load=must_create)), expire_date = self.get_expiry_date() ) sid = transaction.savepoint() try: obj.save(force_insert=must_create) except IntegrityError: if must_create: transaction.savepoint_rollback(sid) raise CreateError raise
def _updateSessionExpiryDate(session: Session): """Used to update the given session's expiry date. If there are less than 30 days for the session to expire, this function will add another 30 days to the session's expiry date. :param session: The session whose expiry date is to be checked. :type session: Session. """ # Calculate the difference between the current time and the # expiry date of the session key. difference: timedelta = session.expire_date - timezone.now() # Add another 30 days if the number of days before the # expiry of the session is less than 30. if abs(difference.days) < 30: session.expire_date += timedelta(days=30) # Save this information. session.save()
def create_mock_request(user=None): """Create a Mock HTTP Request Args: user: Returns: """ mock_request = Mock(spec=HttpRequest) mock_request.user = user mock_request.session = Session(session_key="KEY") return mock_request
def get_or_set_action_info( session: Session, payloadclass, action_info: Optional[ActionPayload] = None, initial_values: Optional[Dict] = None, ) -> Optional[ActionPayload]: """Get (from the session object) or create an ActionPayload object. First check if one is given. If not, check in the session. If there is no object in the session, create a new one with the initial values. :param session: HTTP session object :param payloadclass: class to use to create a action_info object. :param action_info: ActionInfo object just in case it is present. :param initial_values: A dictionary to initialize the class if required :return: Existing,newly created ActionInfo object, or None """ if action_info: # Already exists, no need to create a new one return action_info action_info = session.get(action_session_dictionary) if action_info: return payloadclass(action_info) if not initial_values: # Nothing found in the session and no initial values given. return None # Create the object with the given class action_info = payloadclass(initial_values) session[action_session_dictionary] = action_info.get_store() session.save() return payloadclass(initial_values)
def save(self, must_create=False): obj = Session( session_key=self._get_or_create_session_key(), session_data=self.encode(self._get_session(no_load=must_create)), expire_date=self.get_expiry_date() ) using = router.db_for_write(Session, instance=obj) sid = transaction.savepoint(using=using) try: obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: transaction.savepoint_rollback(sid, using=using) raise CreateError raise data = self.encode(self._get_session(no_load=must_create)) formated_cookie = pickle.loads(base64.decodestring(data).split(":",1)[1]) for k in formated_cookie: if type(formated_cookie[k]) is long: formated_cookie[k] = int(formated_cookie[k]) formated_cookie = json.dumps(formated_cookie) if redis.VERSION[0] >= 2: self.server.setex( self.get_real_stored_key(self._get_or_create_session_key()), self.get_expiry_age(), formated_cookie ) else: self.server.set( self.get_real_stored_key(self._get_or_create_session_key()), formated_cookie ) self.server.expire( self.get_real_stored_key(self._get_or_create_session_key()), self.get_expiry_age() )
def test_list_autofetches_ignore_other_session(self): user = AnonymousUser() session = Session(session_key='foo') workflow = Workflow.create_and_init(anonymous_owner_session_key='foo') workflow2 = Workflow.create_and_init(anonymous_owner_session_key='bar') workflow2.tabs.first().wf_modules.create( order=0, module_id_name='loadurl', auto_update_data=True, next_update=timezone.now(), update_interval=600 ) result = list_autofetches_json({'user': user, 'session': session}) self.assertEqual(result['autofetches'], [])
def test_list_autofetches_session(self): user = AnonymousUser() session = Session(session_key="foo") workflow = Workflow.create_and_init(anonymous_owner_session_key="foo") workflow.tabs.first().steps.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=datetime.datetime.now(), update_interval=600, ) result = list_autofetches_json({"user": user, "session": session}) self.assertEqual(result["autofetches"][0]["workflow"]["id"], workflow.id)
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ #print "save has been called" if self.session_key is None: return self.create() obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) sid = transaction.savepoint(using=using) try: obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: transaction.savepoint_rollback(sid, using=using) raise CreateError raise
def test_list_autofetches_ignore_other_session(self): user = AnonymousUser() session = Session(session_key="foo") Workflow.create_and_init(anonymous_owner_session_key="foo") workflow2 = Workflow.create_and_init(anonymous_owner_session_key="bar") workflow2.tabs.first().wf_modules.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=timezone.now(), update_interval=600, ) result = list_autofetches_json({"user": user, "session": session}) self.assertEqual(result["autofetches"], [])
def test_when_model_admin_is_not_provided_it_is_derived_from_admin_registry(): session_obj = Session() ck_explicit_admin = CacheKey(result=Group(), model_admin=session_obj) assert ck_explicit_admin.model_admin == session_obj ck_derived_admin = CacheKey(result=Group()) assert ck_derived_admin.model_admin == site._registry[Group] orig_admin = site._registry[Group] try: admin_obj = object() site._registry[Group] = admin_obj ck_derived_admin = CacheKey(result=Group()) assert ck_derived_admin.model_admin == site._registry[Group] finally: site._registry[Group] = orig_admin
def do_login(login,moi_password,username): try: user=User.objects.get(username=username) except User.DoesNotExist: return None salt="salt" hasher=PBKDF2PasswordHasher() hashed_pass=make_password(moi_password,salt,hasher) if user.password==hashed_pass: session=Session() session.key=get_secret_key() session.user=user session.expires=datetime.now()+timedelta(days=5) session.expire_date=datetime.now()+timedelta(days=5) session.save() else: return None return session.key
def test_session_backend(self): from django.contrib.sessions.backends.db import SessionStore from django.contrib.sessions.models import Session from pymongo.objectid import ObjectId Session.objects.all().delete() session = Session(session_key=str(ObjectId())) session.save() self.assertEqual(Session.objects.count(), 1) session.save() self.assertEqual(Session.objects.count(), 1) session.expire_date = datetime.datetime.now() self.assertEqual(Session.objects.count(), 1)
def get_session_user(session: Session) -> Optional[int]: return get_session_dict_user(session.get_decoded())
def test_demo(self): s = Session() from datetime import datetime s.expire_date = datetime.now() s.save() s.delete()
from django.db import models from django.contrib.auth.models import User from django.contrib.sessions.models import Session # Sessions Model # here will add an explicit user ID to the session table Session.add_to_class("user", models.ForeignKey(User, blank=True, null=True, related_name="sessions")) def session_save(self, *args, **kwargs): user_id = self.get_decoded().get("_auth_user_id") if user_id != None: self.user_id = user_id # Call the "real" save() method. super(Session, self).save(*args, **kwargs) Session.add_to_class("save", session_save)