- If the ``identity`` dict passed to the ``auth_tkt`` ``remember``
method contains a ``max_age`` key with a string (or integer) value,
treat it as a cue to set the ``Max-Age`` and ``Expires`` headers in
the returned cookies. The cookie ``Max-Age`` is set to the value
and the ``Expires`` is computed from the current time.
| | |
| | | repoze.who changes |
| | | ================== |
| | | |
| | | Next release |
| | | ============ |
| | | |
| | | - If the ``identity`` dict passed to the ``auth_tkt`` ``remember`` |
| | | method contains a ``max_age`` key with a string (or integer) value, |
| | | treat it as a cue to set the ``Max-Age`` and ``Expires`` headers in |
| | | the returned cookies. The cookie ``Max-Age`` is set to the value |
| | | and the ``Expires`` is computed from the current time. |
| | | |
| | | 1.0.14 (2009/06/17) |
| | | =================== |
| | | |
| | |
| | | import datetime |
| | | from codecs import utf_8_decode |
| | | from codecs import utf_8_encode |
| | | import os |
| | |
| | | identity['userdata'] = user_data |
| | | return identity |
| | | |
| | | def _get_cookies(self, environ, value): |
| | | def _get_cookies(self, environ, value, max_age=None): |
| | | if max_age is not None: |
| | | later = datetime.datetime.now() + datetime.timedelta( |
| | | seconds=int(max_age)) |
| | | # Wdy, DD-Mon-YY HH:MM:SS GMT |
| | | expires = later.strftime('%a, %d %b %Y %H:%M:%S') |
| | | # the Expires header is *required* at least for IE7 (IE7 does |
| | | # not respect Max-Age) |
| | | max_age = "; Max-Age=%s; Expires=%s" % (max_age, expires) |
| | | else: |
| | | max_age = '' |
| | | |
| | | cur_domain = environ.get('HTTP_HOST', environ.get('SERVER_NAME')) |
| | | wild_domain = '.' + cur_domain |
| | | cookies = [ |
| | | ('Set-Cookie', '%s="%s"; Path=/' % ( |
| | | self.cookie_name, value)), |
| | | ('Set-Cookie', '%s="%s"; Path=/; Domain=%s' % ( |
| | | self.cookie_name, value, cur_domain)), |
| | | ('Set-Cookie', '%s="%s"; Path=/; Domain=%s' % ( |
| | | self.cookie_name, value, wild_domain)) |
| | | ('Set-Cookie', '%s="%s"; Path=/%s' % ( |
| | | self.cookie_name, value, max_age)), |
| | | ('Set-Cookie', '%s="%s"; Path=/; Domain=%s%s' % ( |
| | | self.cookie_name, value, cur_domain, max_age)), |
| | | ('Set-Cookie', '%s="%s"; Path=/; Domain=%s%s' % ( |
| | | self.cookie_name, value, wild_domain, max_age)) |
| | | ] |
| | | return cookies |
| | | |
| | |
| | | old_cookie = cookies.get(self.cookie_name) |
| | | existing = cookies.get(self.cookie_name) |
| | | old_cookie_value = getattr(existing, 'value', None) |
| | | max_age = identity.get('max_age', None) |
| | | |
| | | timestamp, userid, tokens, userdata = None, '', '', '' |
| | | |
| | |
| | | wild_domain = '.' + cur_domain |
| | | if old_cookie_value != new_cookie_value: |
| | | # return a set of Set-Cookie headers |
| | | return self._get_cookies(environ, new_cookie_value) |
| | | return self._get_cookies(environ, new_cookie_value, max_age) |
| | | |
| | | def __repr__(self): |
| | | return '<%s %s>' % (self.__class__.__name__, |
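Review bot: In the new `_get_cookies`, `int(max_age)` is applied only for the timedelta, while the raw value is what gets formatted into the header on the `max_age = "; Max-Age=%s; Expires=%s" % (max_age, expires)` line. A string that `int()` accepts with surrounding whitespace or a sign (a trailing newline, for example) therefore reaches the Set-Cookie value unnormalized; converting once with `max_age = int(max_age)` before both uses keeps the header well-formed and consistent with the computed expiry. The expiry is also built from `datetime.datetime.now()`, which is local time, and the format string has no zone suffix even though the comment above it describes a GMT date. On a host not running in UTC, browsers that rely on Expires (the IE7 case the comment names) may keep the auth cookie for a different period than Max-Age states. I would use `later = datetime.datetime.utcnow() + datetime.timedelta(seconds=max_age)` and `expires = later.strftime('%a, %d %b %Y %H:%M:%S GMT')`.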
| | |
| | | # variable: |
| | | del environ['paste.cookies'] |
| | | self.assertEqual(environ, original_environ) |
| | | |
| | | |
| | | def test_remember_max_age(self): |
| | | plugin = self._makeOne('secret') |
| | | environ = {'HTTP_HOST':'example.com'} |
| | | |
| | | tkt = self._makeTicket(userid='chris', userdata='') |
| | | result = plugin.remember(environ, {'repoze.who.userid':'chris', |
| | | 'max_age':'500'}) |
| | | |
| | | name,value = result.pop(0) |
| | | self.assertEqual('Set-Cookie', name) |
| | | self.failUnless( |
| | | value.startswith('auth_tkt="%s"; Path=/; Max-Age=500' % tkt), |
| | | value) |
| | | self.failUnless('; Expires=' in value) |
| | | |
| | | name,value = result.pop(0) |
| | | self.assertEqual('Set-Cookie', name) |
| | | self.failUnless( |
| | | value.startswith( |
| | | 'auth_tkt="%s"; Path=/; Domain=example.com; Max-Age=500' |
| | | % tkt), value) |
| | | self.failUnless('; Expires=' in value) |
| | | |
| | | name,value = result.pop(0) |
| | | self.assertEqual('Set-Cookie', name) |
| | | self.failUnless( |
| | | value.startswith( |
| | | 'auth_tkt="%s"; Path=/; Domain=.example.com; Max-Age=500' % tkt), |
| | | value) |
| | | self.failUnless('; Expires=' in value) |
| | | |
| | | |
| | | def dummy_userid_checker(userid): |
| | | return userid == 'existing' |
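Review bot: `test_remember_max_age` asserts only that `; Expires=` appears in each cookie, so a missing `GMT` suffix, a local-time value or a wrong offset would all pass. The changelog entry also promises integer values, but only the string `'500'` is exercised. I would add a case with `'max_age': 500` and parse the Expires text back, asserting it is roughly 500 seconds ahead of the current UTC time.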