def test_invalidated_deletes_no_save(self, pyramid_request): session_factory = SessionFactory( "mysecret", "redis://redis://localhost:6379/0", ) session_factory.redis = pretend.stub( delete=pretend.call_recorder(lambda key: None) ) pyramid_request.session.invalidated = ["1", "2"] pyramid_request.session.should_save = pretend.call_recorder( lambda: False ) response = pretend.stub( delete_cookie=pretend.call_recorder(lambda cookie: None), ) session_factory._process_response(pyramid_request, response) assert session_factory.redis.delete.calls == [ pretend.call("warehouse/session/data/1"), pretend.call("warehouse/session/data/2"), ] assert pyramid_request.session.should_save.calls == [ pretend.call(), pretend.call(), ] assert response.delete_cookie.calls == [pretend.call("session_id")]
def test_redis_key(self): session_factory = SessionFactory( "mysecret", "redis://redis://localhost:6379/0", ) assert session_factory._redis_key("my_session_id") == \ "warehouse/session/data/my_session_id"
def test_valid_session_id_invalid_data(self, pyramid_request): pyramid_request.cookies["session_id"] = "123456" session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory.signer.unsign = pretend.call_recorder( lambda session_id, max_age: b"123456") session_factory.redis = pretend.stub( get=pretend.call_recorder(lambda key: b"invalid data")) session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert (pyramid_request.response_callbacks[0] is session_factory._process_response) assert session_factory.signer.unsign.calls == [ pretend.call("123456", max_age=12 * 60 * 60) ] assert session_factory.redis.get.calls == [ pretend.call("warehouse/session/data/123456") ] assert isinstance(session, Session) assert session._sid is None assert session.new
def test_valid_session_id_invalid_data(self, pyramid_request): pyramid_request.cookies["session_id"] = "123456" session_factory = SessionFactory( "mysecret", "redis://redis://localhost:6379/0", ) session_factory.signer.unsign = pretend.call_recorder( lambda session_id, max_age: b"123456" ) session_factory.redis = pretend.stub( get=pretend.call_recorder(lambda key: b"invalid data"), ) session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert pyramid_request.response_callbacks[0] is \ session_factory._process_response assert session_factory.signer.unsign.calls == [ pretend.call("123456", max_age=12 * 60 * 60), ] assert session_factory.redis.get.calls == [ pretend.call("warehouse/session/data/123456"), ] assert isinstance(session, Session) assert session._sid is None assert session.new
def test_no_save_invalid_session(self, pyramid_request): session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory.redis = pretend.stub() pyramid_request.session = InvalidSession() response = pretend.stub() session_factory._process_response(pyramid_request, response)
def test_no_save_invalid_session(self, pyramid_request): session_factory = SessionFactory( "mysecret", "redis://redis://localhost:6379/0", ) session_factory.redis = pretend.stub() pyramid_request.session = InvalidSession() response = pretend.stub() session_factory._process_response(pyramid_request, response)
def test_noop_unused_session(self, pyramid_request): session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory.redis = pretend.stub() pyramid_request.session.invalidated = set() pyramid_request.session.should_save = pretend.call_recorder(lambda: False) response = pretend.stub() session_factory._process_response(pyramid_request, response) assert pyramid_request.session.should_save.calls == [pretend.call()]
def test_invalidated_deletes_save_non_secure(self, monkeypatch, pyramid_request): msgpack_packb = pretend.call_recorder( lambda data, encoding, use_bin_type: b"msgpack data") monkeypatch.setattr(msgpack, "packb", msgpack_packb) session_factory = SessionFactory( "mysecret", "redis://redis://localhost:6379/0", ) session_factory.redis = pretend.stub( delete=pretend.call_recorder(lambda key: None), setex=pretend.call_recorder(lambda key, age, data: None), ) session_factory.signer.sign = pretend.call_recorder( lambda data: "cookie data") pyramid_request.scheme = "http" pyramid_request.session.sid = "123456" pyramid_request.session.invalidated = ["1", "2"] pyramid_request.session.should_save = pretend.call_recorder( lambda: True) response = pretend.stub(set_cookie=pretend.call_recorder( lambda cookie, data, max_age, httponly, secure, samesite: None)) session_factory._process_response(pyramid_request, response) assert session_factory.redis.delete.calls == [ pretend.call("warehouse/session/data/1"), pretend.call("warehouse/session/data/2"), ] assert msgpack_packb.calls == [ pretend.call( pyramid_request.session, encoding="utf8", use_bin_type=True, ), ] assert session_factory.redis.setex.calls == [ pretend.call( "warehouse/session/data/123456", 12 * 60 * 60, b"msgpack data", ), ] assert pyramid_request.session.should_save.calls == [ pretend.call(), pretend.call(), ] assert session_factory.signer.sign.calls == [pretend.call(b"123456")] assert response.set_cookie.calls == [ pretend.call( "session_id", "cookie data", max_age=12 * 60 * 60, httponly=True, secure=False, samesite=b"lax", ), ]
def test_no_current_session(self, pyramid_request): session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert ( pyramid_request.response_callbacks[0] is session_factory._process_response ) assert isinstance(session, Session) assert session._sid is None assert session.new
def test_no_current_session(self, pyramid_request): session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert (pyramid_request.response_callbacks[0] is session_factory._process_response) assert isinstance(session, Session) assert session._sid is None assert session.new
def test_invalid_session_id(self, pyramid_request): pyramid_request.cookies["session_id"] = "invalid!" session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert (pyramid_request.response_callbacks[0] is session_factory._process_response) assert isinstance(session, Session) assert session._sid is None assert session.new
def test_invalid_session_id(self, pyramid_request): pyramid_request.cookies["session_id"] = "invalid!" session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert ( pyramid_request.response_callbacks[0] is session_factory._process_response ) assert isinstance(session, Session) assert session._sid is None assert session.new
def test_invalidated_deletes_save_non_secure(self, monkeypatch, pyramid_request): msgpack_packb = pretend.call_recorder( lambda data, encoding, use_bin_type: b"msgpack data" ) monkeypatch.setattr(msgpack, "packb", msgpack_packb) session_factory = SessionFactory("mysecret", "redis://redis://localhost:6379/0") session_factory.redis = pretend.stub( delete=pretend.call_recorder(lambda key: None), setex=pretend.call_recorder(lambda key, age, data: None), ) session_factory.signer.sign = pretend.call_recorder(lambda data: "cookie data") pyramid_request.scheme = "http" pyramid_request.session.sid = "123456" pyramid_request.session.invalidated = ["1", "2"] pyramid_request.session.should_save = pretend.call_recorder(lambda: True) response = pretend.stub( set_cookie=pretend.call_recorder( lambda cookie, data, max_age, httponly, secure, samesite: None ) ) session_factory._process_response(pyramid_request, response) assert session_factory.redis.delete.calls == [ pretend.call("warehouse/session/data/1"), pretend.call("warehouse/session/data/2"), ] assert msgpack_packb.calls == [ pretend.call(pyramid_request.session, encoding="utf8", use_bin_type=True) ] assert session_factory.redis.setex.calls == [ pretend.call("warehouse/session/data/123456", 12 * 60 * 60, b"msgpack data") ] assert pyramid_request.session.should_save.calls == [ pretend.call(), pretend.call(), ] assert session_factory.signer.sign.calls == [pretend.call(b"123456")] assert response.set_cookie.calls == [ pretend.call( "session_id", "cookie data", max_age=12 * 60 * 60, httponly=True, secure=False, samesite=b"lax", ) ]
def test_valid_session_id_valid_data(self, monkeypatch, pyramid_request): msgpack_unpackb = pretend.call_recorder( lambda bdata, encoding, use_list: {"foo": "bar"} ) monkeypatch.setattr(msgpack, "unpackb", msgpack_unpackb) pyramid_request.cookies["session_id"] = "123456" session_factory = SessionFactory( "mysecret", "redis://redis://localhost:6379/0", ) session_factory.signer.unsign = pretend.call_recorder( lambda session_id, max_age: b"123456" ) session_factory.redis = pretend.stub( get=pretend.call_recorder(lambda key: b"valid data"), ) session_factory._process_response = pretend.stub() session = session_factory(pyramid_request) assert len(pyramid_request.response_callbacks) == 1 assert pyramid_request.response_callbacks[0] is \ session_factory._process_response assert session_factory.signer.unsign.calls == [ pretend.call("123456", max_age=12 * 60 * 60), ] assert session_factory.redis.get.calls == [ pretend.call("warehouse/session/data/123456"), ] assert msgpack_unpackb.calls == [ pretend.call(b"valid data", encoding="utf8", use_list=True), ] assert isinstance(session, Session) assert session == {"foo": "bar"} assert session.sid == "123456" assert not session.new
def test_initialize(self, monkeypatch): timestamp_signer_obj = pretend.stub() timestamp_signer_create = pretend.call_recorder( lambda secret, salt: timestamp_signer_obj) monkeypatch.setattr(crypto, "TimestampSigner", timestamp_signer_create) strict_redis_obj = pretend.stub() strict_redis_cls = pretend.stub( from_url=pretend.call_recorder(lambda url: strict_redis_obj)) monkeypatch.setattr(redis, "StrictRedis", strict_redis_cls) session_factory = SessionFactory("mysecret", "my url") assert session_factory.signer is timestamp_signer_obj assert session_factory.redis is strict_redis_obj assert timestamp_signer_create.calls == [ pretend.call("mysecret", salt="session") ] assert strict_redis_cls.from_url.calls == [pretend.call("my url")]