Пример #1
0
 def _set_cookie_http_only(self):
     try:
         if self.httponly:
             self.cookie[self.key]['httponly'] = True
     except Cookie.CookieError, e:
         if 'Invalid Attribute httponly' not in str(e):
             raise
         util.warn('Python 2.6+ is required to use httponly')
Пример #2
0
    def __init__(self, request, id=None, invalidate_corrupt=False,
                 use_cookies=True, type=None, data_dir=None,
                 key='beaker.session.id', timeout=None, cookie_expires=True,
                 cookie_domain=None, cookie_path='/', secret=None,
                 secure=False, namespace_class=None, httponly=False,
                 encrypt_key=None, validate_key=None, **namespace_args):
        if not type:
            if data_dir:
                self.type = 'file'
            else:
                self.type = 'memory'
        else:
            self.type = type

        self.namespace_class = namespace_class or clsmap[self.type]

        self.namespace_args = namespace_args

        self.request = request
        self.data_dir = data_dir
        self.key = key

        self.timeout = timeout
        self.use_cookies = use_cookies
        self.cookie_expires = cookie_expires

        # Default cookie domain/path
        self._domain = cookie_domain
        self._path = cookie_path
        self.was_invalidated = False
        self.secret = secret
        self.secure = secure
        self.httponly = httponly
        self.encrypt_key = encrypt_key
        self.validate_key = validate_key
        self.id = id
        self.accessed_dict = {}
        self.invalidate_corrupt = invalidate_corrupt

        if self.use_cookies:
            cookieheader = request.get('cookie', '')
            if secret:
                try:
                    self.cookie = SignedCookie(secret, input=cookieheader)
                except Cookie.CookieError:
                    self.cookie = SignedCookie(secret, input=None)
            else:
                self.cookie = Cookie.SimpleCookie(input=cookieheader)

            if not self.id and self.key in self.cookie:
                self.id = self.cookie[self.key].value

        self.is_new = self.id is None
        if self.is_new:
            self._create_id()
            self['_accessed_time'] = self['_creation_time'] = time.time()
        else:
            try:
                self.load()
            except Exception, e:
                if invalidate_corrupt:
                    util.warn(
                        "Invalidating corrupt session %s; "
                        "error was: %s.  Set invalidate_corrupt=False "
                        "to propagate this exception." % (self.id, e))
                    self.invalidate()
                else:
                    raise