def __init__(self, request, key='beaker.session.id', timeout=None, cookie_expires=True, cookie_domain=None, encrypt_key=None, validate_key=None, secure=False, httponly=False, **kwargs): if not crypto.has_aes and encrypt_key: raise InvalidCryptoBackendError( "No AES library is installed, can't generate " "encrypted cookie-only Session.") self.request = request self.key = key self.timeout = timeout self.cookie_expires = cookie_expires self.encrypt_key = encrypt_key self.validate_key = validate_key self.request['set_cookie'] = False self.secure = secure self.httponly = httponly self._domain = cookie_domain self._path = '/' try: cookieheader = request['cookie'] except KeyError: cookieheader = '' if validate_key is None: raise BeakerException("No validate_key specified for Cookie only " "Session.") try: self.cookie = SignedCookie(validate_key, input=cookieheader) except http.cookies.CookieError: self.cookie = SignedCookie(validate_key, input=None) self['_id'] = _session_id() self.is_new = True # If we have a cookie, load it if self.key in self.cookie and self.cookie[self.key].value is not None: self.is_new = False try: cookie_data = self.cookie[self.key].value self.update(self._decrypt_data(cookie_data)) self._path = self.get('_path', '/') except: pass if self.timeout is not None and time.time() - \ self['_accessed_time'] > self.timeout: self.clear() self.accessed_dict = self.copy() self._create_cookie()
def get_crypto_module(name): """ Get the active crypto module for this name """ if name not in CRYPTO_MODULES: if name == 'default': register_crypto_module('default', load_default_module()) elif name == 'nss': from beaker.crypto import nsscrypto register_crypto_module(name, nsscrypto) elif name == 'pycrypto': from beaker.crypto import pycrypto register_crypto_module(name, pycrypto) elif name == 'cryptography': from beaker.crypto import pyca_cryptography register_crypto_module(name, pyca_cryptography) else: raise InvalidCryptoBackendError( "No crypto backend with name '%s' is registered." % name) return CRYPTO_MODULES[name]
def __init__(self, request, key='beaker.session.id', timeout=None, save_accessed_time=True, cookie_expires=True, cookie_domain=None, cookie_path='/', encrypt_key=None, validate_key=None, secure=False, httponly=False, data_serializer='pickle', encrypt_nonce_bits=DEFAULT_NONCE_BITS, invalidate_corrupt=False, crypto_type='default', **kwargs): self.crypto_module = get_crypto_module(crypto_type) if not self.crypto_module.has_aes and encrypt_key: raise InvalidCryptoBackendError( "No AES library is installed, can't generate " "encrypted cookie-only Session.") self.request = request self.key = key self.timeout = timeout self.save_atime = save_accessed_time self.cookie_expires = cookie_expires self.encrypt_key = encrypt_key self.validate_key = validate_key self.encrypt_nonce_size = get_nonce_size(encrypt_nonce_bits) self.request['set_cookie'] = False self.secure = secure self.httponly = httponly self._domain = cookie_domain self._path = cookie_path self.invalidate_corrupt = invalidate_corrupt self._set_serializer(data_serializer) try: cookieheader = request['cookie'] except KeyError: cookieheader = '' if validate_key is None: raise BeakerException("No validate_key specified for Cookie only " "Session.") if timeout and not save_accessed_time: raise BeakerException("timeout requires save_accessed_time") try: self.cookie = SignedCookie( validate_key, input=cookieheader, ) except http_cookies.CookieError: self.cookie = SignedCookie( validate_key, input=None, ) self['_id'] = _session_id() self.is_new = True # If we have a cookie, load it if self.key in self.cookie and self.cookie[self.key].value is not None: self.is_new = False try: cookie_data = self.cookie[self.key].value if cookie_data is InvalidSignature: raise BeakerException("Invalid signature") self.update(self._decrypt_data(cookie_data)) self._path = self.get('_path', '/') except Exception as e: if self.invalidate_corrupt: util.warn("Invalidating corrupt session %s; " "error was: %s. Set invalidate_corrupt=False " "to propagate this exception." % (self.id, e)) self.invalidate() else: raise if self.timeout is not None: now = time.time() last_accessed_time = self.get('_accessed_time', now) if now - last_accessed_time > self.timeout: self.clear() self.accessed_dict = self.copy() self._create_cookie()