author | Alexander Sulfrian <alexander@sulfrian.net> | 2016-01-31 17:06:31 +0100 |
---|---|---|
committer | Alexander Sulfrian <alexander@sulfrian.net> | 2016-02-02 04:23:27 +0100 |
commit | c8117f049603b850a70bdb1823114aa75e3b08b6 (patch) | |
tree | 012544cabc25630dbb029a79c2a604ed0850386c /accounts/utils/sessions.py | |
parent | 801a10264d3b1652c804321861a2f916c8fd9e30 (diff) | |
utils/sessions: Automatic permanent sessions
Diffstat (limited to 'accounts/utils/sessions.py')
-rw-r--r-- | accounts/utils/sessions.py | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/accounts/utils/sessions.py b/accounts/utils/sessions.py
index cd12030..dd4e4bb 100644
--- a/accounts/utils/sessions.py
+++ b/accounts/utils/sessions.py
@@ -24,17 +24,15 @@ class EncryptedSerializer(TaggedJSONSerializer):
 self.block_size = AES.block_size
 def _cipher(self, iv):
- return AES.new(
- current_app.config['SESSION_ENCRYPTION_KEY'],
- AES.MODE_CBC, iv)
+ key = current_app.config['SESSION_ENCRYPTION_KEY']
+ assert len(key) == 32
+ return AES.new(key, AES.MODE_CBC, iv)
 def dumps(self, value):
 """
 Encrypt the serialized values with `config.SESSION_ENCRYPTION_KEY`.
 The key must be 32 bytes long.
 """
- assert len(current_app.config['SESSION_ENCRYPTION_KEY']) == 32
-
 serialized_value = super(EncryptedSerializer, self).dumps(value)
 raw = _pad(serialized_value, self.block_size)
@@ -54,9 +52,18 @@ class EncryptedSerializer(TaggedJSONSerializer):
 class EncryptedSessionInterface(SecureCookieSessionInterface):
 serializer = EncryptedSerializer()
- def open_session(self, *args, **kwargs):
+ def open_session(self, app, request):
+ session = None
 try:
 parent = super(EncryptedSessionInterface, self)
- return parent.open_session(*args, **kwargs)
+ session = parent.open_session(app, request)
 except BadPayload:
- return self.session_class()
+ session = self.session_class()
+
+ if session is not None:
+ if app.config.get('PERMANENT_SESSION_LIFETIME') is not None:
+ session.permanent = True
+ else:
+ session.permanent = False
+
+ return session
|
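Review bot: The key-length check that this hunk moves into `_cipher` is still an `assert`, which is compiled out when Python runs with `-O`, so an optimized deployment would skip the validation entirely. If `AES` here is the PyCrypto/PyCryptodome cipher, `AES.new` also accepts 16- and 24-byte keys, so a short `SESSION_ENCRYPTION_KEY` would then silently select a weaker AES variant instead of failing. An explicit check survives optimization: `if len(key) != 32: raise ValueError('SESSION_ENCRYPTION_KEY must be 32 bytes long')`. The length requirement is still documented only in the `dumps` docstring although it is now enforced in `_cipher`, so a one-line docstring on `_cipher` stating it would keep the two together; the body of `dumps` continues outside the hunk.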
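Review bot: The new `open_session` forces `session.permanent = True` on every request whenever `PERMANENT_SESSION_LIFETIME` is not None, and Flask ships a default of 31 days for that key, so every session cookie becomes persistent unless the app config explicitly sets it to None. Assigning `permanent` writes into the session, which in Flask's cookie session presumably marks it modified and re-issues the cookie with a fresh expiry each time. That would give a sliding lifetime with no absolute cap, and it overrides any per-login choice stored in the cookie. The policy deserves a docstring on the method, for example `"""Open the session and mark it permanent whenever PERMANENT_SESSION_LIFETIME is configured."""`, plus a note in the deployment config on how to opt out. The inner if/else can be written as `session.permanent = app.config.get('PERMANENT_SESSION_LIFETIME') is not None`.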