def load_session_from_cookie(request):
secret = current_app.config.get("session_secret")
if secret:
session_name = current_app.config.get("session_cookie_name") or "session"
local.session = SecureCookie.load_cookie(request, session_name, secret_key=secret)
request._flash = local.session.pop("_flash", {})
csrf_token() # all session should have csrf token
else:
local.session = {}
local.session["_flash"] = {}
def _post_js():
from raginei.ext.csrf import csrf_token
return ''.join([
"var f = document.createElement('form'); f.style.display = 'none';"
"this.parentNode.appendChild(f); f.method = 'post'; f.action = this.href;",
"var m = document.createElement('input'); m.setAttribute('type', 'hidden');",
"m.setAttribute('name', '_csrf'); m.setAttribute('value', '%s'); f.appendChild(m);" % (
csrf_token(),),
"f.submit();",
])
