def invalidate(self): c = self.make_cookie() c.expires = 0 Cookie.add_cookie(self._req, c) self.delete() self._invalid = 1
def __init__(self, req, sid=None, secret=None, lock=1, timeout=0): self._req, self._sid, self._secret = req, sid, secret self._lock = lock self._new = 1 self._created = 0 self._accessed = 0 self._timeout = 0 self._locked = 0 self._invalid = 0 dict.__init__(self) config = req.get_options() if config.has_key("mod_python.session.cookie_name"): session_cookie_name = config.get("mod_python.session.cookie_name", COOKIE_NAME) else: # For backwards compatability with versions # of mod_python prior to 3.3. session_cookie_name = config.get("session_cookie_name", COOKIE_NAME) if not self._sid: # check to see if cookie exists if secret: cookie = Cookie.get_cookie(req, session_cookie_name, Class=Cookie.SignedCookie, secret=self._secret, mismatch=Cookie.Cookie.IGNORE) else: cookie = Cookie.get_cookie(req, session_cookie_name) if cookie: self._sid = cookie.value if self._sid: if not _check_sid(self._sid): if sid: # Supplied explicitly by user of the class, # raise an exception and make the user code # deal with it. raise ValueError("Invalid Session ID: sid=%s" % sid) else: # Derived from the cookie sent by browser, # wipe it out so it gets replaced with a # correct value. self._sid = None self.init_lock() if self._sid: # attempt to load ourselves self.lock() if self.load(): self._new = 0 if self._new: # make a new session if self._sid: self.unlock() # unlock old sid self._sid = _new_sid(self._req) self.lock() # lock new sid Cookie.add_cookie(self._req, self.make_cookie()) self._created = time.time() if timeout: self._timeout = timeout else: self._timeout = DFT_TIMEOUT self._accessed = time.time() # need cleanup? if random.randint(1, CLEANUP_CHANCE) == 1: self.cleanup()
def __init__(self, req, sid=None, secret=None, lock=1, timeout=0): self._req, self._sid, self._secret = req, sid, secret self._lock = lock self._new = 1 self._created = 0 self._accessed = 0 self._timeout = 0 self._locked = 0 self._invalid = 0 dict.__init__(self) config = req.get_options() if "mod_python.session.cookie_name" in config: session_cookie_name = config.get("mod_python.session.cookie_name", COOKIE_NAME) else: # For backwards compatability with versions # of mod_python prior to 3.3. session_cookie_name = config.get("session_cookie_name", COOKIE_NAME) if not self._sid: # check to see if cookie exists if secret: cookie = Cookie.get_cookie(req, session_cookie_name, Class=Cookie.SignedCookie, secret=self._secret, mismatch=Cookie.Cookie.IGNORE) else: cookie = Cookie.get_cookie(req, session_cookie_name) if cookie: self._sid = cookie.value if self._sid: if not _check_sid(self._sid): if sid: # Supplied explicitly by user of the class, # raise an exception and make the user code # deal with it. raise ValueError("Invalid Session ID: sid=%s" % sid) else: # Derived from the cookie sent by browser, # wipe it out so it gets replaced with a # correct value. self._sid = None self.init_lock() if self._sid: # attempt to load ourselves self.lock() if self.load(): self._new = 0 if self._new: # make a new session if self._sid: self.unlock() # unlock old sid self._sid = _new_sid(self._req) self.lock() # lock new sid Cookie.add_cookie(self._req, self.make_cookie()) self._created = time.time() if timeout: self._timeout = timeout else: self._timeout = DFT_TIMEOUT self._accessed = time.time() # need cleanup? if random.randint(1, CLEANUP_CHANCE) == 1: self.cleanup()