def test_secure_cookie_session_interface_save_session_no_modification( ) -> None: session = SecureCookieSession() session['something'] = 'else' session.modified = False response = _save_session(session) assert response.headers.get('Set-Cookie') is None
async def test_secure_cookie_session_interface_save_session_no_modification( ) -> None: session = SecureCookieSession() session["something"] = "else" session.modified = False response = await _save_session(session) assert response.headers.get("Set-Cookie") is None
async def test_secure_cookie_session_interface_save_session_no_access() -> None: session = SecureCookieSession() session['something'] = 'else' session.accessed = False session.modified = False response = await _save_session(session) assert response.headers.get('Set-Cookie') is None assert response.headers.get('Vary') is None
def _test_secure_cookie_session( attribute: str) -> Generator[SecureCookieSession, None, None]: session = SecureCookieSession({'a': 'b'}) assert hasattr(session, attribute) assert not getattr(session, attribute) yield session assert getattr(session, attribute)
def test_secure_cookie_session_interface_open_session() -> None: session = SecureCookieSession() session['something'] = 'else' interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = 'secret' response = Response('') interface.save_session(app, session, response) request = Request('GET', 'http', '/', b'', CIMultiDict()) request.headers['Cookie'] = response.headers['Set-Cookie'] new_session = interface.open_session(app, request) assert new_session == session
def test_secure_cookie_session_interface_save_session() -> None: session = SecureCookieSession() session['something'] = 'else' interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = 'secret' response = Response('') interface.save_session(app, session, response) cookies = SimpleCookie() cookies.load(response.headers['Set-Cookie']) cookie = cookies[app.session_cookie_name] assert cookie['path'] == interface.get_cookie_path(app) assert cookie['httponly'] == '' if not interface.get_cookie_httponly(app) else True assert cookie['secure'] == '' if not interface.get_cookie_secure(app) else True assert cookie['domain'] == (interface.get_cookie_domain(app) or '') assert cookie['expires'] == (interface.get_expiration_time(app, session) or '') assert response.headers['Vary'] == 'Cookie'
def test_secure_cookie_modification() -> None: with _test_secure_cookie_session('modified') as session: session.clear() with _test_secure_cookie_session('modified') as session: session.setdefault('a', []) with _test_secure_cookie_session('modified') as session: session.update({'a': 'b'}) with _test_secure_cookie_session('modified') as session: session['a'] = 'b' with _test_secure_cookie_session('modified') as session: session.pop('a', None) with _test_secure_cookie_session('modified') as session: session.popitem() with _test_secure_cookie_session('modified') as session: del session['a'] session = SecureCookieSession({'a': 'b'}) _ = session['a'] # noqa assert not session.modified
def test_secure_cookie_modification() -> None: with _test_secure_cookie_session("modified") as session: session.clear() with _test_secure_cookie_session("modified") as session: session.setdefault("a", []) with _test_secure_cookie_session("modified") as session: session.update({"a": "b"}) with _test_secure_cookie_session("modified") as session: session["a"] = "b" with _test_secure_cookie_session("modified") as session: session.pop("a", None) with _test_secure_cookie_session("modified") as session: session.popitem() with _test_secure_cookie_session("modified") as session: del session["a"] session = SecureCookieSession({"a": "b"}) _ = session["a"] # noqa assert not session.modified
async def test_secure_cookie_session_interface_open_session() -> None: session = SecureCookieSession() session["something"] = "else" interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = "secret" response = Response("") await interface.save_session(app, session, response) request = Request("GET", "http", "/", b"", Headers(), "", "1.1", {}, send_push_promise=no_op_push) request.headers["Cookie"] = response.headers["Set-Cookie"] new_session = await interface.open_session(app, request) assert new_session == session
async def test_secure_cookie_session_interface_save_session() -> None: session = SecureCookieSession() session["something"] = "else" interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = "secret" response = Response("") await interface.save_session(app, session, response) cookies: SimpleCookie = SimpleCookie() cookies.load(response.headers["Set-Cookie"]) cookie = cookies[app.session_cookie_name] assert cookie["path"] == interface.get_cookie_path(app) assert cookie["httponly"] == "" if not interface.get_cookie_httponly( app) else True assert cookie["secure"] == "" if not interface.get_cookie_secure( app) else True if version_info >= (3, 8): assert cookie["samesite"] == (interface.get_cookie_samesite(app) or "") assert cookie["domain"] == (interface.get_cookie_domain(app) or "") assert cookie["expires"] == (interface.get_expiration_time(app, session) or "") assert response.headers["Vary"] == "Cookie"
def _session_app() -> Quart: app = Quart(__name__) app.session_interface = AsyncMock(spec=SessionInterface) app.session_interface.open_session.return_value = SecureCookieSession() # type: ignore app.session_interface.is_null_session.return_value = False # type: ignore @app.route("/") async def route() -> str: session["a"] = "b" return "" @app.websocket("/ws/") async def ws() -> None: session["a"] = "b" await websocket.accept() await websocket.send("") @app.websocket("/ws_return/") async def ws_return() -> str: session["a"] = "b" return "" return app