def test_cookie_encoding(self):
app = Flask(__name__)
app.config['SECRET_KEY'] = 'deterministic'
# COOKIE = u'1|7d276051c1eec578ed86f6b8478f7f7d803a7970'
# Due to the restriction of 80 chars I have to break up the hash in two
h1 = u'0e9e6e9855fbe6df7906ec4737578a1d491b38d3fd5246c1561016e189d6516'
h2 = u'043286501ca43257c938e60aad77acec5ce916b94ca9d00c0bb6f9883ae4b82'
h3 = u'ae'
COOKIE = u'1|' + h1 + h2 + h3
with app.test_request_context():
self.assertEqual(COOKIE, encode_cookie(u'1'))
self.assertEqual(u'1', decode_cookie(COOKIE))
self.assertIsNone(decode_cookie(u'Foo|BAD_BASH'))
self.assertIsNone(decode_cookie(u'no bar'))
def test_cookie_encoding(self):
app = Flask(__name__)
app.config['SECRET_KEY'] = 'deterministic'
# COOKIE = u'1|7d276051c1eec578ed86f6b8478f7f7d803a7970'
# Due to the restriction of 80 chars I have to break up the hash in two
h1 = u'0e9e6e9855fbe6df7906ec4737578a1d491b38d3fd5246c1561016e189d6516'
h2 = u'043286501ca43257c938e60aad77acec5ce916b94ca9d00c0bb6f9883ae4b82'
h3 = u'ae'
COOKIE = u'1|' + h1 + h2 + h3
with app.test_request_context():
self.assertEqual(COOKIE, encode_cookie(u'1'))
self.assertEqual(u'1', decode_cookie(COOKIE))
self.assertIsNone(decode_cookie(u'Foo|BAD_BASH'))
self.assertIsNone(decode_cookie(u'no bar'))
def _check_session(user, request, api=False):
"""Check if the session is in the db"""
if user and not session_manager.session_in_db(): # pragma: no cover
login = getattr(user, 'name', None)
if login and not is_uuid(login):
remember = session.get('persistent', False)
if not remember:
from flask_login import decode_cookie
remember_cookie = request.cookies.get(
app.config.get('REMEMBER_COOKIE_NAME'), False)
# check if the remember_cookie is legit
if remember_cookie and decode_cookie(remember_cookie):
remember = True
session_manager.store_session(
login, request.remote_addr,
request.headers.get('User-Agent'), remember, api)
elif login:
app.uhandler.remove(login)
def _check_session(user, request, api=False):
"""Check if the session is in the db"""
if user and not session_manager.session_in_db(): # pragma: no cover
login = getattr(user, 'name', None)
if login and not is_uuid(login):
remember = session.get('persistent', False)
if not remember:
from flask_login import decode_cookie
remember_cookie = request.cookies.get(
app.config.get('REMEMBER_COOKIE_NAME'),
False
)
# check if the remember_cookie is legit
if remember_cookie and decode_cookie(remember_cookie):
remember = True
session_manager.store_session(
login,
request.remote_addr,
request.headers.get('User-Agent'),
remember,
api
)
elif login:
app.uhandler.remove(login)