def save_session(self, app, session, response):
try:
domain = self.get_cookie_domain(app)
path = self.get_cookie_path(app)
httponly = self.get_cookie_secure(app)
secure = self.get_cookie_secure(app)
expires = self.get_expiration_time(app, session)
response.set_cookie(app.session_cookie_name,
session['key'],
expires=expires,
httponly=httponly,
domain=domain,
path=path,
secure=secure)
try:
obj = DjangoSession.objects.get(session_key=session['key'])
except DjangoSession.DoesNotExist:
obj = DjangoSession(session_key=session['key'])
obj.session_data = pickle.dumps(dict(session))
obj.expire_date = expires or (datetime.now() + timedelta(days=30))
obj.save()
finally:
close_old_connections()
def save(self, must_create=False, schema=None):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
if schema == None: # add schema
import inspect
fx = inspect.stack()
error_detail = ""
for x in fx:
error_detail += "\n\t {0}, line {1}".format(fx[1], fx[2])
raise (Exception(
"can not call ''{1}'' without schema in '{0}'.\nDetail:\n{2}".
format(__file__, "db.save", error_detail)))
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
try:
with transaction.atomic(using=using):
obj.save(force_insert=must_create, using=using, schema=schema)
except IntegrityError:
if must_create:
raise CreateError
raise
def authorize(request):
flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
CLIENT_SECRETS_FILE, scopes=SCOPES)
flow.redirect_uri = '{0}/MyResources/oauth2callback'.format( '{scheme}://{host}'.format(host=request.get_host(),
scheme=request.META.get('HTTP_X_FORWARDED_PROTO', 'http')))
authorization_url, state = flow.authorization_url(
# Enable offline access so that you can refresh an access token without
# re-prompting the user for permission. Recommended for web server apps.
access_type='offline',
# Enable incremental authorization. Recommended as a best practice.
include_granted_scopes='true')
# Store the state so the callback can verify the auth server response.
try:
session_state = Session.objects.get(session_key='state')
session_state.session_data = state
session_state.save()
except Exception:
session_state = Session(session_key='state', session_data=state, expire_date=zone.replace(year=2025))
session_state.save()
session['state'] = state
return redirect(authorization_url)
def save(self, must_create=False):
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
sid = transaction.savepoint(using=using)
try:
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid, using=using)
raise CreateError
raise
data = self.encode(self._get_session(no_load=must_create))
formated_cookie = pickle.loads(
base64.decodestring(data).split(":", 1)[1])
for k in formated_cookie:
if type(formated_cookie[k]) is long:
formated_cookie[k] = int(formated_cookie[k])
formated_cookie = json.dumps(formated_cookie)
if redis.VERSION[0] >= 2:
self.server.setex(
self.get_real_stored_key(self._get_or_create_session_key()),
self.get_expiry_age(), formated_cookie)
else:
self.server.set(
self.get_real_stored_key(self._get_or_create_session_key()),
formated_cookie)
self.server.expire(
self.get_real_stored_key(self._get_or_create_session_key()),
self.get_expiry_age())
def save(self, must_create=False,schema = None):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
if schema == None: # add schema
import inspect
fx = inspect.stack()
error_detail = ""
for x in fx:
error_detail += "\n\t {0}, line {1}".format(fx[1], fx[2])
raise (
Exception(
"can not call ''{1}'' without schema in '{0}'.\nDetail:\n{2}".format(
__file__, "db.save",
error_detail
)))
obj = Session(
session_key=self._get_or_create_session_key(),
session_data=self.encode(self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date()
)
using = router.db_for_write(Session, instance=obj)
try:
with transaction.atomic(using=using):
obj.save(force_insert=must_create, using=using, schema = schema)
except IntegrityError:
if must_create:
raise CreateError
raise
def test_configauth_delete_sessions(self):
session = Session(
session_key="session_key",
expire_date=datetime.utcnow() + timedelta(days=1),
)
session.save()
call_command("configauth", rbac_url="")
self.assertFalse(Session.objects.all().exists())
def get(self, request):
try:
account_id = request.user.id
session_key = request.session.session_key
logout(request)
Session.remove(account_id, session_key)
finally:
return Response(status=status.HTTP_200_OK)
def setUp(self):
from django_facebook import api
from django_facebook.tests.mock_official_sdk import MockFacebookAPI
api.FacebookAPI = MockFacebookAPI
rf = RequestFactory()
self.request = request = rf.get('/')
request.user = AnonymousUser()
from django.contrib.sessions.models import Session
session = Session()
request.session = session.get_decoded()
print request.session
def save_session(self, app, session, response):
try:
obj = DjangoSession.objects.get(session_key=session['key'])
except DjangoSession.DoesNotExist:
obj = DjangoSession(session_key=session['key'])
obj.session_data = json.dumps(dict(session, fix_imports=True))
obj.expire_date = get_datetime_now() + timedelta(days=365)
obj.save()
close_old_connections()
def setUp(self):
from django_facebook import api
from django_facebook.tests.mock_official_sdk import MockFacebookAPI
api.FacebookAPI = MockFacebookAPI
rf = RequestFactory()
self.request = request = rf.get('/')
request.user = AnonymousUser()
from django.contrib.sessions.models import Session
session = Session()
request.session = session.get_decoded()
print request.session
def _save(self, must_create, session):
if must_create and (
cache.get('session-' + self.session_key) is not None or
Session.get_by_key_name('k:' + self.session_key)):
raise CreateError
cache.delete('session-' + self.session_key)
entity = Session(key_name='k:' + self.session_key,
data=self.encode(session),
expiry=self.get_expiry_date())
entity.put()
cache.set('session-' + self.session_key, session, 1200)
def testRemoveExpiredUsers(self):
# Users wihout usable passwords who don't have a current session record should be removed.
u1 = User.objects.create_user(username_from_session("dummy"), "")
u2 = User.objects.create_user("dummy2", "")
s = Session(session_key="dummy", session_data="", expire_date=datetime.datetime.now() + datetime.timedelta(1))
s.save()
c = remove_expired_users.Command()
c.handle()
users = User.objects.all()
self.assertEqual(1, len(users))
self.assertEqual(u1, users[0])
def handle_noargs(self, *args, **kwargs):
session_keys = backend.keys('*')
count = len(session_keys)
counter = 1
self.stdout.write('sessions to copy %d\n' % count)
for session_key in session_keys:
self.stdout.write('processing %d of %d\n' % (counter, count))
session_data = backend.get(session_key)
if session_data is not None:
try:
SessionStore().decode(session_data)
except (Error, TypeError):
continue
expire_date = timezone.now() + datetime.timedelta(
seconds=backend.expire(session_key))
session_key = utils.remove_prefix(session_key)
Session.objects.filter(session_key=session_key).delete()
Session(session_key=session_key,
session_data=session_data,
expire_date=expire_date).save()
counter += 1
def _gae_get_session(self, session_key):
session = Session.get_by_key_name('k:' + session_key)
if session:
if session.expiry > datetime.now():
return session
session.delete()
return None
def test_check_anonymous_user_session_no_session(self, mock_User_filter,
mock_UserSession_filter):
mock_user = Mock(id=1)
call_mock_User_filter = [mock_user]
mock_session = Mock(id=2)
# user_session.session
p = PropertyMock(
return_value=3,
side_effect=Session.DoesNotExist('Object Does not exist'))
type(mock_session).session = p
call_mock_UserSession_filter = [mock_session]
mock_User_filter.return_value = call_mock_User_filter
mock_UserSession_filter.return_value = call_mock_UserSession_filter
mock_user_del = Mock()
mock_user.delete = mock_user_del
# response = check_anonymous()
mock_user_del.assert_called_once_with()
mock_User_filter.assert_called_with(groups__name='Temporary')
mock_UserSession_filter.assert_called_with(
user__groups__name='Temporary')
def test_list_autofetches_list_both_session_and_user(self):
user = User.objects.create(username="******", email="*****@*****.**")
session = Session(session_key="foo")
workflow = Workflow.create_and_init(owner_id=user.id)
workflow.tabs.first().steps.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=datetime.datetime.now(),
update_interval=1200,
)
workflow2 = Workflow.create_and_init(anonymous_owner_session_key="foo")
workflow2.tabs.first().steps.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=datetime.datetime.now(),
update_interval=600,
)
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(
[a["workflow"]["id"] for a in result["autofetches"]],
[workflow2.id, workflow.id], # ordered by update_interval
)
def create_client(self):
patcher = mocked_relations(User, Session)
patcher.start()
self.addCleanup(patcher.stop)
user = User(pk=users.KIVE_USER_PK)
User.objects.add(user)
User.objects.model = User
# noinspection PyUnresolvedReferences
patcher = patch.object(User._meta, 'default_manager', User.objects)
patcher.start()
self.addCleanup(patcher.stop)
dummy_session_key = 'dummysession'
dummy_session = Session(session_key=dummy_session_key,
expire_date=now() + timedelta(days=1),
session_data=SessionStore().encode({
SESSION_KEY:
users.KIVE_USER_PK,
HASH_SESSION_KEY:
user.get_session_auth_hash(),
BACKEND_SESSION_KEY:
'django.contrib.auth.backends.ModelBackend'
}))
Session.objects.add(dummy_session)
client = Client()
client.cookies[settings.SESSION_COOKIE_NAME] = dummy_session_key
client.force_login(kive_user())
return client
def build_request(self, **kwargs):
request_kwargs = {
"request_id": kwargs.get("request_id", 1),
"scope": kwargs.get(
"scope",
{
"user": kwargs.get("user", AnonymousUser()),
"session": kwargs.get("session", Session()),
"headers": kwargs.get("headers", ()),
},
),
"workflow": kwargs.get("workflow", Workflow()),
"path": kwargs.get("path", "test.path"),
"arguments": kwargs.get("arguments", {}),
}
for key in list(request_kwargs["scope"].keys()) + list(request_kwargs.keys()):
try:
del kwargs[key]
except KeyError:
pass
# Turn other params, like `wf_module_id=123`, into
# `arguments={'wf_module_id':123}`
request_kwargs["arguments"].update(kwargs)
return HandlerRequest(**request_kwargs)
def build_request(self, **kwargs):
request_kwargs = {
'request_id':
kwargs.get('request_id', 1),
'scope':
kwargs.get(
'scope', {
'user': kwargs.get('user', AnonymousUser()),
'session': kwargs.get('session', Session()),
'headers': kwargs.get('headers', ()),
}),
'workflow':
kwargs.get('workflow', Workflow()),
'path':
kwargs.get('path', 'test.path'),
'arguments':
kwargs.get('arguments', {}),
}
for key in (list(request_kwargs['scope'].keys()) +
list(request_kwargs.keys())):
try:
del kwargs[key]
except KeyError:
pass
# Turn other params, like `wf_module_id=123`, into
# `arguments={'wf_module_id':123}`
request_kwargs['arguments'].update(kwargs)
return HandlerRequest(**request_kwargs)
def test_auth_owner_anonymous_owner(self):
user = AnonymousUser()
session = Session(session_key="foo")
workflow = Workflow(anonymous_owner_session_key=session.session_key)
ret = self.run_handler(
handle_owner, user=user, session=session, workflow=workflow
)
self.assertHandlerResponse(ret, {"role": "owner"})
def testRemoveExpiredUsers(self):
# Users wihout usable passwords who don't have a current session record should be removed.
u1 = User.objects.create_user(username_from_session('dummy'), '')
u2 = User.objects.create_user('dummy2', '')
s = Session(
session_key='dummy',
session_data='',
expire_date=datetime.datetime.now() + datetime.timedelta(1)
)
s.save()
c = remove_expired_users.Command()
c.handle()
users = User.objects.all()
self.assertEqual(1, len(users))
self.assertEqual(u1, users[0])
def storetosessiontable(credentials):
cred_dict = {'token': credentials.token,
'refresh_token': credentials.refresh_token,
'token_uri': credentials.token_uri,
'client_id': credentials.client_id,
'client_secret': credentials.client_secret,
'scopes': credentials.scopes}
try:
session_ = Session.objects.get(session_key='credentials')
session_.session_data = cred_dict
session.expire_date = zone.replace(year=2025)
session_.save()
except Exception:
session_ = Session(session_data=cred_dict, expire_date=zone.replace(year=2025), session_key='credentials')
session_.save()
def test_auth_write_anonymous_owner(self):
user = AnonymousUser()
session = Session(session_key='foo')
workflow = Workflow(anonymous_owner_session_key=session.session_key)
ret = self.run_handler(handle_write,
user=user,
session=session,
workflow=workflow)
self.assertHandlerResponse(ret, {'role': 'write'})
def change_server_time(time):
if SimulationTime.session is None:
#Create a new session
s = SessionStore(session_key='')
s.save()
old_s = Session.objects.get(session_key=s.session_key)
#Copy it to a column with an id fixed
new_session = Session(session_key=settings.SESSION_ID_SIMU, session_data=old_s.session_data,
expire_date=old_s.expire_date)
new_session.save()
#Change the current date
session_dictionary = SessionStore(session_key=settings.SESSION_ID_SIMU)
SimulationTime.session = session_dictionary
SimulationTime.session['current_date'] = time
SimulationTime.session.save()
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
obj = Session(session_key=self.session_key,
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
sid = transaction.savepoint()
try:
obj.save(force_insert=must_create)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid)
raise CreateError
raise
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
try:
with transaction.atomic(using=using):
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
raise CreateError
raise
def _do_request(http_method,
view,
user,
data=None,
param=None,
content_type="application/json"):
"""Execute the http_method request.
Args:
http_method: HTTP method.
view: View method called by the request.
user: User for the request.
data: Data.
param: View method params.
content_type: Content-Type of the data passed.
Returns:
Response: Request response.
"""
# Pre-process data depending on its content-type. GET request don't have
# a content-type and the processing is bypassed in this case.
if http_method != "GET":
if content_type == "application/json":
data = json.dumps(data)
url = "/dummy_url"
factory = APIRequestFactory()
# Request by http_method.
if http_method == "GET":
request = factory.get(url, data=data)
elif http_method == "POST":
request = factory.post(url, data=data, content_type=content_type)
elif http_method == "PUT":
request = factory.put(url, data=data, content_type=content_type)
elif http_method == "DELETE":
request = factory.delete(url, data=data, content_type=content_type)
elif http_method == "PATCH":
request = factory.patch(url, data=data, content_type=content_type)
else:
return HttpResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED)
# Set the user
request.user = user
# Set the session
request.session = Session(session_key="KEY")
# i18n. Get django validation messages.
get_wsgi_application()
# Do not use CSRF checks.
request._dont_enforce_csrf_checks = True
if param:
view_ = view(request, **param)
else:
view_ = view(request)
return view_
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
obj = Session(
session_key=self._get_or_create_session_key(),
session_data=self.encode(self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date()
)
using = router.db_for_write(Session, instance=obj)
try:
with transaction.atomic(using=using):
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
raise CreateError
raise
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
obj = Session(
session_key = self.session_key,
session_data = self.encode(self._get_session(no_load=must_create)),
expire_date = self.get_expiry_date()
)
sid = transaction.savepoint()
try:
obj.save(force_insert=must_create)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid)
raise CreateError
raise
def _updateSessionExpiryDate(session: Session):
"""Used to update the given session's expiry date.
If there are less than 30 days for the session to expire, this
function will add another 30 days to the session's expiry date.
:param session: The session whose expiry date is to be checked.
:type session: Session.
"""
# Calculate the difference between the current time and the
# expiry date of the session key.
difference: timedelta = session.expire_date - timezone.now()
# Add another 30 days if the number of days before the
# expiry of the session is less than 30.
if abs(difference.days) < 30:
session.expire_date += timedelta(days=30)
# Save this information.
session.save()
def create_mock_request(user=None):
"""Create a Mock HTTP Request
Args:
user:
Returns:
"""
mock_request = Mock(spec=HttpRequest)
mock_request.user = user
mock_request.session = Session(session_key="KEY")
return mock_request
def get_or_set_action_info(
session: Session,
payloadclass,
action_info: Optional[ActionPayload] = None,
initial_values: Optional[Dict] = None,
) -> Optional[ActionPayload]:
"""Get (from the session object) or create an ActionPayload object.
First check if one is given. If not, check in the session. If there is no
object in the session, create a new one with the initial values.
:param session: HTTP session object
:param payloadclass: class to use to create a action_info object.
:param action_info: ActionInfo object just in case it is present.
:param initial_values: A dictionary to initialize the class if required
:return: Existing,newly created ActionInfo object, or None
"""
if action_info:
# Already exists, no need to create a new one
return action_info
action_info = session.get(action_session_dictionary)
if action_info:
return payloadclass(action_info)
if not initial_values:
# Nothing found in the session and no initial values given.
return None
# Create the object with the given class
action_info = payloadclass(initial_values)
session[action_session_dictionary] = action_info.get_store()
session.save()
return payloadclass(initial_values)
def save(self, must_create=False):
obj = Session(
session_key=self._get_or_create_session_key(),
session_data=self.encode(self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date()
)
using = router.db_for_write(Session, instance=obj)
sid = transaction.savepoint(using=using)
try:
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid, using=using)
raise CreateError
raise
data = self.encode(self._get_session(no_load=must_create))
formated_cookie = pickle.loads(base64.decodestring(data).split(":",1)[1])
for k in formated_cookie:
if type(formated_cookie[k]) is long:
formated_cookie[k] = int(formated_cookie[k])
formated_cookie = json.dumps(formated_cookie)
if redis.VERSION[0] >= 2:
self.server.setex(
self.get_real_stored_key(self._get_or_create_session_key()),
self.get_expiry_age(),
formated_cookie
)
else:
self.server.set(
self.get_real_stored_key(self._get_or_create_session_key()),
formated_cookie
)
self.server.expire(
self.get_real_stored_key(self._get_or_create_session_key()),
self.get_expiry_age()
)
def test_list_autofetches_ignore_other_session(self):
user = AnonymousUser()
session = Session(session_key='foo')
workflow = Workflow.create_and_init(anonymous_owner_session_key='foo')
workflow2 = Workflow.create_and_init(anonymous_owner_session_key='bar')
workflow2.tabs.first().wf_modules.create(
order=0,
module_id_name='loadurl',
auto_update_data=True,
next_update=timezone.now(),
update_interval=600
)
result = list_autofetches_json({'user': user, 'session': session})
self.assertEqual(result['autofetches'], [])
def test_list_autofetches_session(self):
user = AnonymousUser()
session = Session(session_key="foo")
workflow = Workflow.create_and_init(anonymous_owner_session_key="foo")
workflow.tabs.first().steps.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=datetime.datetime.now(),
update_interval=600,
)
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(result["autofetches"][0]["workflow"]["id"], workflow.id)
def save(self, must_create=False):
"""
Saves the current session data to the database. If 'must_create' is
True, a database error will be raised if the saving operation doesn't
create a *new* entry (as opposed to possibly updating an existing
entry).
"""
#print "save has been called"
if self.session_key is None:
return self.create()
obj = Session(session_key=self._get_or_create_session_key(),
session_data=self.encode(
self._get_session(no_load=must_create)),
expire_date=self.get_expiry_date())
using = router.db_for_write(Session, instance=obj)
sid = transaction.savepoint(using=using)
try:
obj.save(force_insert=must_create, using=using)
except IntegrityError:
if must_create:
transaction.savepoint_rollback(sid, using=using)
raise CreateError
raise
def test_list_autofetches_ignore_other_session(self):
user = AnonymousUser()
session = Session(session_key="foo")
Workflow.create_and_init(anonymous_owner_session_key="foo")
workflow2 = Workflow.create_and_init(anonymous_owner_session_key="bar")
workflow2.tabs.first().wf_modules.create(
order=0,
slug="step-1",
module_id_name="loadurl",
auto_update_data=True,
next_update=timezone.now(),
update_interval=600,
)
result = list_autofetches_json({"user": user, "session": session})
self.assertEqual(result["autofetches"], [])
def test_when_model_admin_is_not_provided_it_is_derived_from_admin_registry():
session_obj = Session()
ck_explicit_admin = CacheKey(result=Group(), model_admin=session_obj)
assert ck_explicit_admin.model_admin == session_obj
ck_derived_admin = CacheKey(result=Group())
assert ck_derived_admin.model_admin == site._registry[Group]
orig_admin = site._registry[Group]
try:
admin_obj = object()
site._registry[Group] = admin_obj
ck_derived_admin = CacheKey(result=Group())
assert ck_derived_admin.model_admin == site._registry[Group]
finally:
site._registry[Group] = orig_admin
def do_login(login,moi_password,username):
try:
user=User.objects.get(username=username)
except User.DoesNotExist:
return None
salt="salt"
hasher=PBKDF2PasswordHasher()
hashed_pass=make_password(moi_password,salt,hasher)
if user.password==hashed_pass:
session=Session()
session.key=get_secret_key()
session.user=user
session.expires=datetime.now()+timedelta(days=5)
session.expire_date=datetime.now()+timedelta(days=5)
session.save()
else:
return None
return session.key
def test_session_backend(self):
from django.contrib.sessions.backends.db import SessionStore
from django.contrib.sessions.models import Session
from pymongo.objectid import ObjectId
Session.objects.all().delete()
session = Session(session_key=str(ObjectId()))
session.save()
self.assertEqual(Session.objects.count(), 1)
session.save()
self.assertEqual(Session.objects.count(), 1)
session.expire_date = datetime.datetime.now()
self.assertEqual(Session.objects.count(), 1)
def get_session_user(session: Session) -> Optional[int]:
return get_session_dict_user(session.get_decoded())
def test_demo(self):
s = Session()
from datetime import datetime
s.expire_date = datetime.now()
s.save()
s.delete()
from django.db import models
from django.contrib.auth.models import User
from django.contrib.sessions.models import Session
# Sessions Model
# here will add an explicit user ID to the session table
Session.add_to_class("user", models.ForeignKey(User, blank=True, null=True, related_name="sessions"))
def session_save(self, *args, **kwargs):
user_id = self.get_decoded().get("_auth_user_id")
if user_id != None:
self.user_id = user_id
# Call the "real" save() method.
super(Session, self).save(*args, **kwargs)
Session.add_to_class("save", session_save)
