<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang=""> <head> <meta http-equiv="X-UA-Compatible" content="IE=Edge" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>django.contrib.sessions.backends.base — Django 1.11.20 documentation</title> <link rel="stylesheet" href="../../../../../_static/default.css" type="text/css" /> <link rel="stylesheet" href="../../../../../_static/pygments.css" type="text/css" /> <script type="text/javascript" id="documentation_options" data-url_root="../../../../../" src="../../../../../_static/documentation_options.js"></script> <script type="text/javascript" src="../../../../../_static/jquery.js"></script> <script type="text/javascript" src="../../../../../_static/underscore.js"></script> <script type="text/javascript" src="../../../../../_static/doctools.js"></script> <script type="text/javascript" src="../../../../../_static/language_data.js"></script> <link rel="index" title="Index" href="../../../../../genindex.html" /> <link rel="search" title="Search" href="../../../../../search.html" /> <script type="text/javascript" src="../../../../../templatebuiltins.js"></script> <script type="text/javascript"> (function($) { if (!django_template_builtins) { // templatebuiltins.js missing, do nothing. return; } $(document).ready(function() { // Hyperlink Django template tags and filters var base = "../../../../../ref/templates/builtins.html"; if (base == "#") { // Special case for builtins.html itself base = ""; } // Tags are keywords, class '.k' $("div.highlight\\-html\\+django span.k").each(function(i, elem) { var tagname = $(elem).text(); if ($.inArray(tagname, django_template_builtins.ttags) != -1) { var fragment = tagname.replace(/_/, '-'); $(elem).html("<a href='" + base + "#" + fragment + "'>" + tagname + "</a>"); } }); // Filters are functions, class '.nf' $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { var filtername = $(elem).text(); if ($.inArray(filtername, django_template_builtins.tfilters) != -1) { var fragment = filtername.replace(/_/, '-'); $(elem).html("<a href='" + base + "#" + fragment + "'>" + filtername + "</a>"); } }); }); })(jQuery); </script> </head><body> <div class="document"> <div id="custom-doc" class="yui-t6"> <div id="hd"> <h1><a href="../../../../../index.html">Django 1.11.20 documentation</a></h1> <div id="global-nav"> <a title="Home page" href="../../../../../index.html">Home</a> | <a title="Table of contents" href="../../../../../contents.html">Table of contents</a> | <a title="Global index" href="../../../../../genindex.html">Index</a> | <a title="Module index" href="../../../../../py-modindex.html">Modules</a> </div> <div class="nav"> <a href="../../../../index.html" title="Module code" accesskey="U">up</a></div> </div> <div id="bd"> <div id="yui-main"> <div class="yui-b"> <div class="yui-g" id="_modules-django-contrib-sessions-backends-base"> <h1>Source code for django.contrib.sessions.backends.base</h1><div class="highlight"><pre> <span></span><span class="kn">from</span> <span class="nn">__future__</span> <span class="k">import</span> <span class="n">unicode_literals</span> <span class="kn">import</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="nn">logging</span> <span class="kn">import</span> <span class="nn">string</span> <span class="kn">from</span> <span class="nn">datetime</span> <span class="k">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timedelta</span> <span class="kn">from</span> <span class="nn">django.conf</span> <span class="k">import</span> <span class="n">settings</span> <span class="kn">from</span> <span class="nn">django.contrib.sessions.exceptions</span> <span class="k">import</span> <span class="n">SuspiciousSession</span> <span class="kn">from</span> <span class="nn">django.core.exceptions</span> <span class="k">import</span> <span class="n">SuspiciousOperation</span> <span class="kn">from</span> <span class="nn">django.utils</span> <span class="k">import</span> <span class="n">timezone</span> <span class="kn">from</span> <span class="nn">django.utils.crypto</span> <span class="k">import</span> <span class="p">(</span> <span class="n">constant_time_compare</span><span class="p">,</span> <span class="n">get_random_string</span><span class="p">,</span> <span class="n">salted_hmac</span><span class="p">,</span> <span class="p">)</span> <span class="kn">from</span> <span class="nn">django.utils.encoding</span> <span class="k">import</span> <span class="n">force_bytes</span><span class="p">,</span> <span class="n">force_text</span> <span class="kn">from</span> <span class="nn">django.utils.module_loading</span> <span class="k">import</span> <span class="n">import_string</span> <span class="c1"># session_key should not be case sensitive because some backends can store it</span> <span class="c1"># on case insensitive file systems.</span> <span class="n">VALID_KEY_CHARS</span> <span class="o">=</span> <span class="n">string</span><span class="o">.</span><span class="n">ascii_lowercase</span> <span class="o">+</span> <span class="n">string</span><span class="o">.</span><span class="n">digits</span> <span class="k">class</span> <span class="nc">CreateError</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Used internally as a consistent exception type to catch from save (see the</span> <span class="sd"> docstring for SessionBase.save() for details).</span> <span class="sd"> """</span> <span class="k">pass</span> <span class="k">class</span> <span class="nc">UpdateError</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Occurs if Django tries to update a session that was deleted.</span> <span class="sd"> """</span> <span class="k">pass</span> <span class="k">class</span> <span class="nc">SessionBase</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Base class for all Session classes.</span> <span class="sd"> """</span> <span class="n">TEST_COOKIE_NAME</span> <span class="o">=</span> <span class="s1">'testcookie'</span> <span class="n">TEST_COOKIE_VALUE</span> <span class="o">=</span> <span class="s1">'worked'</span> <span class="n">__not_given</span> <span class="o">=</span> <span class="nb">object</span><span class="p">()</span> <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">session_key</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_key</span> <span class="o">=</span> <span class="n">session_key</span> <span class="bp">self</span><span class="o">.</span><span class="n">accessed</span> <span class="o">=</span> <span class="kc">False</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="kc">False</span> <span class="bp">self</span><span class="o">.</span><span class="n">serializer</span> <span class="o">=</span> <span class="n">import_string</span><span class="p">(</span><span class="n">settings</span><span class="o">.</span><span class="n">SESSION_SERIALIZER</span><span class="p">)</span> <span class="k">def</span> <span class="nf">__contains__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">):</span> <span class="k">return</span> <span class="n">key</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span> <span class="k">def</span> <span class="nf">__getitem__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="k">def</span> <span class="nf">__setitem__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="o">=</span> <span class="n">value</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="kc">True</span> <span class="k">def</span> <span class="nf">__delitem__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">):</span> <span class="k">del</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="kc">True</span> <span class="k">def</span> <span class="nf">get</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">default</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">default</span><span class="p">)</span> <span class="k">def</span> <span class="nf">pop</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">default</span><span class="o">=</span><span class="n">__not_given</span><span class="p">):</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="ow">or</span> <span class="n">key</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span> <span class="n">args</span> <span class="o">=</span> <span class="p">()</span> <span class="k">if</span> <span class="n">default</span> <span class="ow">is</span> <span class="bp">self</span><span class="o">.</span><span class="n">__not_given</span> <span class="k">else</span> <span class="p">(</span><span class="n">default</span><span class="p">,)</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="o">*</span><span class="n">args</span><span class="p">)</span> <span class="k">def</span> <span class="nf">setdefault</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> <span class="k">if</span> <span class="n">key</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="p">:</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="k">else</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="kc">True</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="o">=</span> <span class="n">value</span> <span class="k">return</span> <span class="n">value</span> <span class="k">def</span> <span class="nf">set_test_cookie</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="bp">self</span><span class="p">[</span><span class="bp">self</span><span class="o">.</span><span class="n">TEST_COOKIE_NAME</span><span class="p">]</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">TEST_COOKIE_VALUE</span> <span class="k">def</span> <span class="nf">test_cookie_worked</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">TEST_COOKIE_NAME</span><span class="p">)</span> <span class="o">==</span> <span class="bp">self</span><span class="o">.</span><span class="n">TEST_COOKIE_VALUE</span> <span class="k">def</span> <span class="nf">delete_test_cookie</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">del</span> <span class="bp">self</span><span class="p">[</span><span class="bp">self</span><span class="o">.</span><span class="n">TEST_COOKIE_NAME</span><span class="p">]</span> <span class="k">def</span> <span class="nf">_hash</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> <span class="n">key_salt</span> <span class="o">=</span> <span class="s2">"django.contrib.sessions"</span> <span class="o">+</span> <span class="bp">self</span><span class="o">.</span><span class="vm">__class__</span><span class="o">.</span><span class="vm">__name__</span> <span class="k">return</span> <span class="n">salted_hmac</span><span class="p">(</span><span class="n">key_salt</span><span class="p">,</span> <span class="n">value</span><span class="p">)</span><span class="o">.</span><span class="n">hexdigest</span><span class="p">()</span> <span class="k">def</span> <span class="nf">encode</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">session_dict</span><span class="p">):</span> <span class="s2">"Returns the given session dictionary serialized and encoded as a string."</span> <span class="n">serialized</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">serializer</span><span class="p">()</span><span class="o">.</span><span class="n">dumps</span><span class="p">(</span><span class="n">session_dict</span><span class="p">)</span> <span class="nb">hash</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_hash</span><span class="p">(</span><span class="n">serialized</span><span class="p">)</span> <span class="k">return</span> <span class="n">base64</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="nb">hash</span><span class="o">.</span><span class="n">encode</span><span class="p">()</span> <span class="o">+</span> <span class="sa">b</span><span class="s2">":"</span> <span class="o">+</span> <span class="n">serialized</span><span class="p">)</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s1">'ascii'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">decode</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">session_data</span><span class="p">):</span> <span class="n">encoded_data</span> <span class="o">=</span> <span class="n">base64</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">force_bytes</span><span class="p">(</span><span class="n">session_data</span><span class="p">))</span> <span class="k">try</span><span class="p">:</span> <span class="c1"># could produce ValueError if there is no ':'</span> <span class="nb">hash</span><span class="p">,</span> <span class="n">serialized</span> <span class="o">=</span> <span class="n">encoded_data</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="sa">b</span><span class="s1">':'</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> <span class="n">expected_hash</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_hash</span><span class="p">(</span><span class="n">serialized</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">constant_time_compare</span><span class="p">(</span><span class="nb">hash</span><span class="o">.</span><span class="n">decode</span><span class="p">(),</span> <span class="n">expected_hash</span><span class="p">):</span> <span class="k">raise</span> <span class="n">SuspiciousSession</span><span class="p">(</span><span class="s2">"Session data corrupted"</span><span class="p">)</span> <span class="k">else</span><span class="p">:</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">serializer</span><span class="p">()</span><span class="o">.</span><span class="n">loads</span><span class="p">(</span><span class="n">serialized</span><span class="p">)</span> <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="c1"># ValueError, SuspiciousOperation, unpickling exceptions. If any of</span> <span class="c1"># these happen, just return an empty dictionary (an empty session).</span> <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">e</span><span class="p">,</span> <span class="n">SuspiciousOperation</span><span class="p">):</span> <span class="n">logger</span> <span class="o">=</span> <span class="n">logging</span><span class="o">.</span><span class="n">getLogger</span><span class="p">(</span><span class="s1">'django.security.</span><span class="si">%s</span><span class="s1">'</span> <span class="o">%</span> <span class="n">e</span><span class="o">.</span><span class="vm">__class__</span><span class="o">.</span><span class="vm">__name__</span><span class="p">)</span> <span class="n">logger</span><span class="o">.</span><span class="n">warning</span><span class="p">(</span><span class="n">force_text</span><span class="p">(</span><span class="n">e</span><span class="p">))</span> <span class="k">return</span> <span class="p">{}</span> <span class="k">def</span> <span class="nf">update</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">dict_</span><span class="p">):</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">dict_</span><span class="p">)</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="kc">True</span> <span class="k">def</span> <span class="nf">has_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">):</span> <span class="k">return</span> <span class="n">key</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span> <span class="k">def</span> <span class="nf">keys</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="k">def</span> <span class="nf">values</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">values</span><span class="p">()</span> <span class="k">def</span> <span class="nf">items</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">items</span><span class="p">()</span> <span class="k">def</span> <span class="nf">iterkeys</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">iterkeys</span><span class="p">()</span> <span class="k">def</span> <span class="nf">itervalues</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">itervalues</span><span class="p">()</span> <span class="k">def</span> <span class="nf">iteritems</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span><span class="o">.</span><span class="n">iteritems</span><span class="p">()</span> <span class="k">def</span> <span class="nf">clear</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="c1"># To avoid unnecessary persistent storage accesses, we set up the</span> <span class="c1"># internals directly (loading data wastes time, since we are going to</span> <span class="c1"># set it to an empty dict anyway).</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="o">=</span> <span class="p">{}</span> <span class="bp">self</span><span class="o">.</span><span class="n">accessed</span> <span class="o">=</span> <span class="kc">True</span> <span class="bp">self</span><span class="o">.</span><span class="n">modified</span> <span class="o">=</span> <span class="kc">True</span> <span class="k">def</span> <span class="nf">is_empty</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="s2">"Returns True when there is no session_key and the session is empty"</span> <span class="k">try</span><span class="p">:</span> <span class="k">return</span> <span class="ow">not</span> <span class="nb">bool</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_session_key</span><span class="p">)</span> <span class="ow">and</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="k">except</span> <span class="ne">AttributeError</span><span class="p">:</span> <span class="k">return</span> <span class="kc">True</span> <span class="k">def</span> <span class="nf">_get_new_session_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="s2">"Returns session key that isn't being used."</span> <span class="k">while</span> <span class="kc">True</span><span class="p">:</span> <span class="n">session_key</span> <span class="o">=</span> <span class="n">get_random_string</span><span class="p">(</span><span class="mi">32</span><span class="p">,</span> <span class="n">VALID_KEY_CHARS</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">exists</span><span class="p">(</span><span class="n">session_key</span><span class="p">):</span> <span class="k">break</span> <span class="k">return</span> <span class="n">session_key</span> <span class="k">def</span> <span class="nf">_get_or_create_session_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_key</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_get_new_session_key</span><span class="p">()</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_key</span> <span class="k">def</span> <span class="nf">_validate_session_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Key must be truthy and at least 8 characters long. 8 characters is an</span> <span class="sd"> arbitrary lower bound for some minimal key security.</span> <span class="sd"> """</span> <span class="k">return</span> <span class="n">key</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">key</span><span class="p">)</span> <span class="o">>=</span> <span class="mi">8</span> <span class="k">def</span> <span class="nf">_get_session_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__session_key</span> <span class="k">def</span> <span class="nf">_set_session_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Validate session key on assignment. Invalid values will set to None.</span> <span class="sd"> """</span> <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_validate_session_key</span><span class="p">(</span><span class="n">value</span><span class="p">):</span> <span class="bp">self</span><span class="o">.</span><span class="n">__session_key</span> <span class="o">=</span> <span class="n">value</span> <span class="k">else</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">__session_key</span> <span class="o">=</span> <span class="kc">None</span> <span class="n">session_key</span> <span class="o">=</span> <span class="nb">property</span><span class="p">(</span><span class="n">_get_session_key</span><span class="p">)</span> <span class="n">_session_key</span> <span class="o">=</span> <span class="nb">property</span><span class="p">(</span><span class="n">_get_session_key</span><span class="p">,</span> <span class="n">_set_session_key</span><span class="p">)</span> <span class="k">def</span> <span class="nf">_get_session</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">no_load</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Lazily loads session from storage (unless "no_load" is True, when only</span> <span class="sd"> an empty dict is stored) and stores it in the current instance.</span> <span class="sd"> """</span> <span class="bp">self</span><span class="o">.</span><span class="n">accessed</span> <span class="o">=</span> <span class="kc">True</span> <span class="k">try</span><span class="p">:</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="k">except</span> <span class="ne">AttributeError</span><span class="p">:</span> <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">session_key</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">no_load</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="o">=</span> <span class="p">{}</span> <span class="k">else</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">load</span><span class="p">()</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="n">_session</span> <span class="o">=</span> <span class="nb">property</span><span class="p">(</span><span class="n">_get_session</span><span class="p">)</span> <span class="k">def</span> <span class="nf">get_expiry_age</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span> <span class="sd">"""Get the number of seconds until the session expires.</span> <span class="sd"> Optionally, this function accepts `modification` and `expiry` keyword</span> <span class="sd"> arguments specifying the modification and expiry of the session.</span> <span class="sd"> """</span> <span class="k">try</span><span class="p">:</span> <span class="n">modification</span> <span class="o">=</span> <span class="n">kwargs</span><span class="p">[</span><span class="s1">'modification'</span><span class="p">]</span> <span class="k">except</span> <span class="ne">KeyError</span><span class="p">:</span> <span class="n">modification</span> <span class="o">=</span> <span class="n">timezone</span><span class="o">.</span><span class="n">now</span><span class="p">()</span> <span class="c1"># Make the difference between "expiry=None passed in kwargs" and</span> <span class="c1"># "expiry not passed in kwargs", in order to guarantee not to trigger</span> <span class="c1"># self.load() when expiry is provided.</span> <span class="k">try</span><span class="p">:</span> <span class="n">expiry</span> <span class="o">=</span> <span class="n">kwargs</span><span class="p">[</span><span class="s1">'expiry'</span><span class="p">]</span> <span class="k">except</span> <span class="ne">KeyError</span><span class="p">:</span> <span class="n">expiry</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">'_session_expiry'</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">expiry</span><span class="p">:</span> <span class="c1"># Checks both None and 0 cases</span> <span class="k">return</span> <span class="n">settings</span><span class="o">.</span><span class="n">SESSION_COOKIE_AGE</span> <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">expiry</span><span class="p">,</span> <span class="n">datetime</span><span class="p">):</span> <span class="k">return</span> <span class="n">expiry</span> <span class="n">delta</span> <span class="o">=</span> <span class="n">expiry</span> <span class="o">-</span> <span class="n">modification</span> <span class="k">return</span> <span class="n">delta</span><span class="o">.</span><span class="n">days</span> <span class="o">*</span> <span class="mi">86400</span> <span class="o">+</span> <span class="n">delta</span><span class="o">.</span><span class="n">seconds</span> <span class="k">def</span> <span class="nf">get_expiry_date</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span> <span class="sd">"""Get session the expiry date (as a datetime object).</span> <span class="sd"> Optionally, this function accepts `modification` and `expiry` keyword</span> <span class="sd"> arguments specifying the modification and expiry of the session.</span> <span class="sd"> """</span> <span class="k">try</span><span class="p">:</span> <span class="n">modification</span> <span class="o">=</span> <span class="n">kwargs</span><span class="p">[</span><span class="s1">'modification'</span><span class="p">]</span> <span class="k">except</span> <span class="ne">KeyError</span><span class="p">:</span> <span class="n">modification</span> <span class="o">=</span> <span class="n">timezone</span><span class="o">.</span><span class="n">now</span><span class="p">()</span> <span class="c1"># Same comment as in get_expiry_age</span> <span class="k">try</span><span class="p">:</span> <span class="n">expiry</span> <span class="o">=</span> <span class="n">kwargs</span><span class="p">[</span><span class="s1">'expiry'</span><span class="p">]</span> <span class="k">except</span> <span class="ne">KeyError</span><span class="p">:</span> <span class="n">expiry</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">'_session_expiry'</span><span class="p">)</span> <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">expiry</span><span class="p">,</span> <span class="n">datetime</span><span class="p">):</span> <span class="k">return</span> <span class="n">expiry</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">expiry</span><span class="p">:</span> <span class="c1"># Checks both None and 0 cases</span> <span class="n">expiry</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">SESSION_COOKIE_AGE</span> <span class="k">return</span> <span class="n">modification</span> <span class="o">+</span> <span class="n">timedelta</span><span class="p">(</span><span class="n">seconds</span><span class="o">=</span><span class="n">expiry</span><span class="p">)</span> <span class="k">def</span> <span class="nf">set_expiry</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Sets a custom expiration for the session. ``value`` can be an integer,</span> <span class="sd"> a Python ``datetime`` or ``timedelta`` object or ``None``.</span> <span class="sd"> If ``value`` is an integer, the session will expire after that many</span> <span class="sd"> seconds of inactivity. If set to ``0`` then the session will expire on</span> <span class="sd"> browser close.</span> <span class="sd"> If ``value`` is a ``datetime`` or ``timedelta`` object, the session</span> <span class="sd"> will expire at that specific future time.</span> <span class="sd"> If ``value`` is ``None``, the session uses the global session expiry</span> <span class="sd"> policy.</span> <span class="sd"> """</span> <span class="k">if</span> <span class="n">value</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span> <span class="c1"># Remove any custom expiration for this session.</span> <span class="k">try</span><span class="p">:</span> <span class="k">del</span> <span class="bp">self</span><span class="p">[</span><span class="s1">'_session_expiry'</span><span class="p">]</span> <span class="k">except</span> <span class="ne">KeyError</span><span class="p">:</span> <span class="k">pass</span> <span class="k">return</span> <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="n">timedelta</span><span class="p">):</span> <span class="n">value</span> <span class="o">=</span> <span class="n">timezone</span><span class="o">.</span><span class="n">now</span><span class="p">()</span> <span class="o">+</span> <span class="n">value</span> <span class="bp">self</span><span class="p">[</span><span class="s1">'_session_expiry'</span><span class="p">]</span> <span class="o">=</span> <span class="n">value</span> <span class="k">def</span> <span class="nf">get_expire_at_browser_close</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Returns ``True`` if the session is set to expire when the browser</span> <span class="sd"> closes, and ``False`` if there's an expiry date. Use</span> <span class="sd"> ``get_expiry_date()`` or ``get_expiry_age()`` to find the actual expiry</span> <span class="sd"> date/age, if there is one.</span> <span class="sd"> """</span> <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">'_session_expiry'</span><span class="p">)</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span> <span class="k">return</span> <span class="n">settings</span><span class="o">.</span><span class="n">SESSION_EXPIRE_AT_BROWSER_CLOSE</span> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">'_session_expiry'</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span> <span class="k">def</span> <span class="nf">flush</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Removes the current session data from the database and regenerates the</span> <span class="sd"> key.</span> <span class="sd"> """</span> <span class="bp">self</span><span class="o">.</span><span class="n">clear</span><span class="p">()</span> <span class="bp">self</span><span class="o">.</span><span class="n">delete</span><span class="p">()</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_key</span> <span class="o">=</span> <span class="kc">None</span> <span class="k">def</span> <span class="nf">cycle_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Creates a new session key, while retaining the current session data.</span> <span class="sd"> """</span> <span class="n">data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session</span> <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">session_key</span> <span class="bp">self</span><span class="o">.</span><span class="n">create</span><span class="p">()</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_cache</span> <span class="o">=</span> <span class="n">data</span> <span class="k">if</span> <span class="n">key</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">delete</span><span class="p">(</span><span class="n">key</span><span class="p">)</span> <span class="c1"># Methods that child classes must implement.</span> <span class="k">def</span> <span class="nf">exists</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">session_key</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Returns True if the given session_key already exists.</span> <span class="sd"> """</span> <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">(</span><span class="s1">'subclasses of SessionBase must provide an exists() method'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">create</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Creates a new session instance. Guaranteed to create a new object with</span> <span class="sd"> a unique key and will have saved the result once (with empty data)</span> <span class="sd"> before the method returns.</span> <span class="sd"> """</span> <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">(</span><span class="s1">'subclasses of SessionBase must provide a create() method'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">save</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">must_create</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Saves the session data. If 'must_create' is True, a new session object</span> <span class="sd"> is created (otherwise a CreateError exception is raised). Otherwise,</span> <span class="sd"> save() only updates an existing object and does not create one</span> <span class="sd"> (an UpdateError is raised).</span> <span class="sd"> """</span> <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">(</span><span class="s1">'subclasses of SessionBase must provide a save() method'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">delete</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">session_key</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Deletes the session data under this key. If the key is None, the</span> <span class="sd"> current session key value is used.</span> <span class="sd"> """</span> <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">(</span><span class="s1">'subclasses of SessionBase must provide a delete() method'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">load</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Loads the session data and returns a dictionary.</span> <span class="sd"> """</span> <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">(</span><span class="s1">'subclasses of SessionBase must provide a load() method'</span><span class="p">)</span> <span class="nd">@classmethod</span> <span class="k">def</span> <span class="nf">clear_expired</span><span class="p">(</span><span class="bp">cls</span><span class="p">):</span> <span class="sd">"""</span> <span class="sd"> Remove expired sessions from the session store.</span> <span class="sd"> If this operation isn't possible on a given backend, it should raise</span> <span class="sd"> NotImplementedError. If it isn't necessary, because the backend has</span> <span class="sd"> a built-in expiration mechanism, it should be a no-op.</span> <span class="sd"> """</span> <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">(</span><span class="s1">'This backend does not support clear_expired().'</span><span class="p">)</span> </pre></div> </div> </div> </div> <div class="yui-b" id="sidebar"> <div class="sphinxsidebar" role="navigation" aria-label="main navigation"> <div class="sphinxsidebarwrapper"> <div id="searchbox" style="display: none" role="search"> <h3>Quick search</h3> <div class="searchformwrapper"> <form class="search" action="../../../../../search.html" method="get"> <input type="text" name="q" /> <input type="submit" value="Go" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <h3>Last update:</h3> <p class="topless">Feb 11, 2019</p> </div> </div> <div id="ft"> <div class="nav"> <a href="../../../../index.html" title="Module code" accesskey="U">up</a></div> </div> </div> <div class="clearer"></div> </div> </body> </html>