def __init__(self,
request,
id=None,
invalidate_corrupt=False,
use_cookies=True,
type=None,
data_dir=None,
key='beaker.session.id',
timeout=None,
save_accessed_time=True,
cookie_expires=True,
cookie_domain=None,
cookie_path='/',
data_serializer='pickle',
secret=None,
secure=False,
namespace_class=None,
httponly=False,
encrypt_key=None,
validate_key=None,
encrypt_nonce_bits=DEFAULT_NONCE_BITS,
crypto_type='default',
**namespace_args):
if not type:
if data_dir:
self.type = 'file'
else:
self.type = 'memory'
else:
self.type = type
self.namespace_class = namespace_class or clsmap[self.type]
self.namespace_args = namespace_args
self.request = request
self.data_dir = data_dir
self.key = key
if timeout and not save_accessed_time:
raise BeakerException("timeout requires save_accessed_time")
self.timeout = timeout
self.save_atime = save_accessed_time
self.use_cookies = use_cookies
self.cookie_expires = cookie_expires
self._set_serializer(data_serializer)
# Default cookie domain/path
self._domain = cookie_domain
self._path = cookie_path
self.was_invalidated = False
self.secret = secret
self.secure = secure
self.httponly = httponly
self.encrypt_key = encrypt_key
self.validate_key = validate_key
self.encrypt_nonce_size = get_nonce_size(encrypt_nonce_bits)
self.crypto_module = get_crypto_module(crypto_type)
self.id = id
self.accessed_dict = {}
self.invalidate_corrupt = invalidate_corrupt
if self.use_cookies:
cookieheader = request.get('cookie', '')
if secret:
try:
self.cookie = SignedCookie(
secret,
input=cookieheader,
)
except http_cookies.CookieError:
self.cookie = SignedCookie(
secret,
input=None,
)
else:
self.cookie = SimpleCookie(input=cookieheader)
if not self.id and self.key in self.cookie:
cookie_data = self.cookie[self.key].value
# Should we check invalidate_corrupt here?
if cookie_data is InvalidSignature:
cookie_data = None
self.id = cookie_data
self.is_new = self.id is None
if self.is_new:
self._create_id()
self['_accessed_time'] = self['_creation_time'] = time.time()
else:
try:
self.load()
except Exception as e:
if self.invalidate_corrupt:
util.warn("Invalidating corrupt session %s; "
"error was: %s. Set invalidate_corrupt=False "
"to propagate this exception." % (self.id, e))
self.invalidate()
else:
raise
def __init__(self,
request,
id=None,
invalidate_corrupt=False,
use_cookies=True,
type=None,
data_dir=None,
key='beaker.session.id',
timeout=None,
save_accessed_time=True,
cookie_expires=True,
cookie_domain=None,
cookie_path='/',
data_serializer='pickle',
secret=None,
secure=False,
namespace_class=None,
httponly=False,
encrypt_key=None,
validate_key=None,
encrypt_nonce_bits=DEFAULT_NONCE_BITS,
crypto_type='default',
**namespace_args):
if not type:
if data_dir:
self.type = 'file'
else:
self.type = 'memory'
else:
self.type = type
self.namespace_class = namespace_class or clsmap[self.type]
self.namespace_args = namespace_args
self.request = request
self.data_dir = data_dir
self.key = key
if timeout and not save_accessed_time:
raise BeakerException("timeout requires save_accessed_time")
self.timeout = timeout
# We want to pass timeout param to redis backend to support expiration of keys
# In future, I believe, we can use this param for memcached and mongo as well
if self.timeout is not None and self.type == 'ext:redis':
# The backend expiration should always be a bit longer (I decied to use 2 minutes) than the
# session expiration itself to prevent the case where the backend data expires while
# the session is being read (PR#153)
self.namespace_args['timeout'] = self.timeout + 60 * 2
self.save_atime = save_accessed_time
self.use_cookies = use_cookies
self.cookie_expires = cookie_expires
self._set_serializer(data_serializer)
# Default cookie domain/path
self._domain = cookie_domain
self._path = cookie_path
self.was_invalidated = False
self.secret = secret
self.secure = secure
self.httponly = httponly
self.encrypt_key = encrypt_key
self.validate_key = validate_key
self.encrypt_nonce_size = get_nonce_size(encrypt_nonce_bits)
self.crypto_module = get_crypto_module(crypto_type)
self.id = id
self.accessed_dict = {}
self.invalidate_corrupt = invalidate_corrupt
if self.use_cookies:
cookieheader = request.get('cookie', '')
if secret:
try:
self.cookie = SignedCookie(
secret,
input=cookieheader,
)
except http_cookies.CookieError:
self.cookie = SignedCookie(
secret,
input=None,
)
else:
self.cookie = SimpleCookie(input=cookieheader)
if not self.id and self.key in self.cookie:
cookie_data = self.cookie[self.key].value
# Should we check invalidate_corrupt here?
if cookie_data is InvalidSignature:
cookie_data = None
self.id = cookie_data
self.is_new = self.id is None
if self.is_new:
self._create_id()
self['_accessed_time'] = self['_creation_time'] = time.time()
else:
try:
self.load()
except Exception as e:
if self.invalidate_corrupt:
util.warn("Invalidating corrupt session %s; "
"error was: %s. Set invalidate_corrupt=False "
"to propagate this exception." % (self.id, e))
self.invalidate()
else:
raise
def __init__(self,
request,
id=None,
invalidate_corrupt=False,
use_cookies=True,
type=None,
data_dir=None,
key='beaker.session.id',
timeout=None,
save_accessed_time=True,
cookie_expires=True,
cookie_domain=None,
cookie_path='/',
data_serializer='pickle',
secret=None,
secure=False,
namespace_class=None,
httponly=False,
encrypt_key=None,
validate_key=None,
encrypt_nonce_bits=DEFAULT_NONCE_BITS,
crypto_type='default',
samesite='Lax',
**namespace_args):
_ConfigurableSession.__init__(self,
cookie_domain=cookie_domain,
cookie_path=cookie_path)
self.clear()
if not type:
if data_dir:
self.type = 'file'
else:
self.type = 'memory'
else:
self.type = type
self.namespace_class = namespace_class or clsmap[self.type]
self.namespace_args = namespace_args
self.request = request
self.data_dir = data_dir
self.key = key
if timeout and not save_accessed_time:
raise BeakerException("timeout requires save_accessed_time")
self.timeout = timeout
# If a timeout was provided, forward it to the backend too, so the backend
# can automatically expire entries if it's supported.
if self.timeout is not None:
# The backend expiration should always be a bit longer than the
# session expiration itself to prevent the case where the backend data expires while
# the session is being read (PR#153). 2 Minutes seems a reasonable time.
self.namespace_args['timeout'] = self.timeout + 60 * 2
self.save_atime = save_accessed_time
self.use_cookies = use_cookies
self.cookie_expires = cookie_expires
self._set_serializer(data_serializer)
# Default cookie domain/path
self.was_invalidated = False
self.secret = secret
self.secure = secure
self.httponly = httponly
self.samesite = samesite
self.encrypt_key = encrypt_key
self.validate_key = validate_key
self.encrypt_nonce_size = get_nonce_size(encrypt_nonce_bits)
self.crypto_module = get_crypto_module(crypto_type)
self.id = id
self.accessed_dict = {}
self.invalidate_corrupt = invalidate_corrupt
if self.use_cookies:
cookieheader = request.get('cookie', '')
if secret:
try:
self.cookie = SignedCookie(
secret,
input=cookieheader,
)
except http_cookies.CookieError:
self.cookie = SignedCookie(
secret,
input=None,
)
else:
self.cookie = SimpleCookie(input=cookieheader)
if not self.id and self.key in self.cookie:
cookie_data = self.cookie[self.key].value
# Should we check invalidate_corrupt here?
if cookie_data is InvalidSignature:
cookie_data = None
self.id = cookie_data
self.is_new = self.id is None
if self.is_new:
self._create_id()
self['_accessed_time'] = self['_creation_time'] = time.time()
else:
try:
self.load()
except Exception as e:
if self.invalidate_corrupt:
util.warn("Invalidating corrupt session %s; "
"error was: %s. Set invalidate_corrupt=False "
"to propagate this exception." % (self.id, e))
self.invalidate()
else:
raise
def __init__(self,
request,
id=None,
invalidate_corrupt=False,
use_cookies=True,
type=None,
data_dir=None,
key='beaker.session.id',
timeout=None,
cookie_expires=True,
cookie_domain=None,
cookie_path='/',
data_serializer='pickle',
secret=None,
secure=False,
namespace_class=None,
httponly=False,
encrypt_key=None,
validate_key=None,
**namespace_args):
if not type:
if data_dir:
self.type = 'file'
else:
self.type = 'memory'
else:
self.type = type
self.namespace_class = namespace_class or clsmap[self.type]
self.namespace_args = namespace_args
self.request = request
self.data_dir = data_dir
self.key = key
self.timeout = timeout
self.use_cookies = use_cookies
self.cookie_expires = cookie_expires
self.data_serializer = data_serializer
# Default cookie domain/path
self._domain = cookie_domain
self._path = cookie_path
self.was_invalidated = False
self.secret = secret
self.secure = secure
self.httponly = httponly
self.encrypt_key = encrypt_key
self.validate_key = validate_key
self.id = id
self.accessed_dict = {}
self.invalidate_corrupt = invalidate_corrupt
if self.use_cookies:
cookieheader = request.get('cookie', '')
if secret:
try:
self.cookie = SignedCookie(secret, input=cookieheader)
except http_cookies.CookieError:
self.cookie = SignedCookie(secret, input=None)
else:
self.cookie = SimpleCookie(input=cookieheader)
if not self.id and self.key in self.cookie:
self.id = self.cookie[self.key].value
self.is_new = self.id is None
if self.is_new:
self._create_id()
self['_accessed_time'] = self['_creation_time'] = time.time()
else:
try:
self.load()
except Exception as e:
if invalidate_corrupt:
util.warn("Invalidating corrupt session %s; "
"error was: %s. Set invalidate_corrupt=False "
"to propagate this exception." % (self.id, e))
self.invalidate()
else:
raise