Changeset 1770
- Timestamp:
- 10/26/07 21:23:02
- Files:
-
- trunk/cherrypy/_cptools.py (modified) (1 diff)
- trunk/cherrypy/lib/sessions.py (modified) (5 diffs)
- trunk/cherrypy/test/test_session.py (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/cherrypy/_cptools.py
r1728 r1770 243 243 hooks.attach('before_finalize', _sessions.save) 244 244 hooks.attach('on_end_request', _sessions.close) 245 246 def regenerate(self): 247 """Drop the current session and make a new one (with a new id).""" 248 sess = cherrypy.serving.session 249 sess.regenerate() 250 251 # Grab cookie-relevant tool args 252 conf = dict([(k, v) for k, v in self._merged_args().iteritems() 253 if k in ('path', 'path_header', 'name', 'timeout', 254 'domain', 'secure')]) 255 _sessions.set_response_cookie(**conf) 256 257 245 258 246 259 trunk/cherrypy/lib/sessions.py
r1752 r1770 59 59 setattr(self, k, v) 60 60 61 self.id = id 61 if id is None: 62 self.regenerate() 63 else: 64 self.id = id 65 66 def regenerate(self): 67 """Replace the current session (with a new id).""" 68 if self.id is not None: 69 self.delete() 70 71 old_session_was_locked = self.locked 72 if old_session_was_locked: 73 self.release_lock() 74 75 self.id = None 62 76 while self.id is None: 63 77 self.id = self.generate_id() … … 65 79 if self._load() is not None: 66 80 self.id = None 81 82 if old_session_was_locked: 83 self.acquire_lock() 67 84 68 85 def clean_up(self): … … 490 507 cookie 'path' will be pulled from request.headers[path_header]. 491 508 name: the name of the cookie. 492 timeout: the expiration timeout for the cookie. 509 timeout: the expiration timeout (in minutes) for both the cookie and 510 stored session data. 493 511 domain: the cookie domain. 494 512 secure: if False (the default) the cookie 'secure' value will not … … 531 549 cherrypy.session = cherrypy._ThreadLocalProxy('session') 532 550 551 set_response_cookie(path=path, path_header=path_header, name=name, 552 timeout=timeout, domain=domain, secure=secure) 553 554 555 def set_response_cookie(path=None, path_header=None, name='session_id', 556 timeout=60, domain=None, secure=False): 557 """Set a response cookie for the client. 558 559 path: the 'path' value to stick in the response cookie metadata. 560 path_header: if 'path' is None (the default), then the response 561 cookie 'path' will be pulled from request.headers[path_header]. 562 name: the name of the cookie. 563 timeout: the expiration timeout for the cookie. 564 domain: the cookie domain. 565 secure: if False (the default) the cookie 'secure' value will not 566 be set. If True, the cookie 'secure' value will be set (to 1). 567 """ 533 568 # Set response cookie 534 569 cookie = cherrypy.response.cookie 535 cookie[name] = sess.id 536 cookie[name]['path'] = path or request.headers.get(path_header) or '/' 570 cookie[name] = cherrypy.serving.session.id 571 cookie[name]['path'] = (path or cherrypy.request.headers.get(path_header) 572 or '/') 537 573 538 574 # We'd like to use the "max-age" param as indicated in … … 557 593 cherrypy.response.cookie[name]['expires'] = t 558 594 595 trunk/cherrypy/test/test_session.py
r1742 r1770 84 84 return cherrypy.request.method 85 85 restricted.exposed = True 86 87 def regen(self): 88 cherrypy.tools.sessions.regenerate() 89 return "logged in" 90 regen.exposed = True 86 91 87 92 cherrypy.tree.mount(Root()) … … 203 208 self.getPage('/restricted', self.cookies, method='POST') 204 209 self.assertErrorPage(405, "Specified method is invalid for this server.") 210 211 def test_6_regenerate(self): 212 self.getPage('/testStr') 213 # grab the cookie ID 214 id1 = self.cookies[0][1].split(";", 1)[0].split("=", 1)[1] 215 self.getPage('/regen') 216 self.assertBody('logged in') 217 id2 = self.cookies[0][1].split(";", 1)[0].split("=", 1)[1] 218 self.assertNotEqual(id1, id2) 205 219 206 220
