2013-05-16 07:14:28 +08:00
|
|
|
import logging
|
|
|
|
|
|
2008-08-14 11:57:18 +08:00
|
|
|
from django.contrib.sessions.backends.base import SessionBase, CreateError
|
2007-09-16 05:29:14 +08:00
|
|
|
from django.core.exceptions import SuspiciousOperation
|
2010-03-25 18:29:06 +08:00
|
|
|
from django.db import IntegrityError, transaction, router
|
2011-11-20 18:33:44 +08:00
|
|
|
from django.utils import timezone
|
2013-05-16 07:14:28 +08:00
|
|
|
from django.utils.encoding import force_text
|
2010-11-15 07:35:16 +08:00
|
|
|
|
2007-09-16 05:29:14 +08:00
|
|
|
class SessionStore(SessionBase):
|
|
|
|
|
"""
|
2008-06-23 13:08:07 +08:00
|
|
|
Implements database session store.
|
2007-09-16 05:29:14 +08:00
|
|
|
"""
|
2009-12-22 23:18:51 +08:00
|
|
|
def __init__(self, session_key=None):
|
|
|
|
|
super(SessionStore, self).__init__(session_key)
|
|
|
|
|
|
2007-09-16 05:29:14 +08:00
|
|
|
def load(self):
|
|
|
|
|
try:
|
|
|
|
|
s = Session.objects.get(
|
2012-10-28 01:18:03 +08:00
|
|
|
session_key=self.session_key,
|
2011-11-20 18:33:44 +08:00
|
|
|
expire_date__gt=timezone.now()
|
2007-09-16 05:29:14 +08:00
|
|
|
)
|
2012-08-13 04:26:17 +08:00
|
|
|
return self.decode(s.session_data)
|
2013-05-16 07:14:28 +08:00
|
|
|
except (Session.DoesNotExist, SuspiciousOperation) as e:
|
|
|
|
|
if isinstance(e, SuspiciousOperation):
|
|
|
|
|
logger = logging.getLogger('django.security.%s' %
|
|
|
|
|
e.__class__.__name__)
|
|
|
|
|
logger.warning(force_text(e))
|
2008-08-14 11:57:18 +08:00
|
|
|
self.create()
|
2007-09-16 05:29:14 +08:00
|
|
|
return {}
|
2008-01-06 20:53:09 +08:00
|
|
|
|
2007-09-16 05:29:14 +08:00
|
|
|
def exists(self, session_key):
|
2012-01-24 15:42:38 +08:00
|
|
|
return Session.objects.filter(session_key=session_key).exists()
|
2008-01-06 20:53:09 +08:00
|
|
|
|
2008-08-14 11:57:18 +08:00
|
|
|
def create(self):
|
|
|
|
|
while True:
|
2011-11-28 01:52:24 +08:00
|
|
|
self._session_key = self._get_new_session_key()
|
2008-08-14 11:57:18 +08:00
|
|
|
try:
|
|
|
|
|
# Save immediately to ensure we have a unique entry in the
|
|
|
|
|
# database.
|
|
|
|
|
self.save(must_create=True)
|
|
|
|
|
except CreateError:
|
|
|
|
|
# Key wasn't unique. Try again.
|
|
|
|
|
continue
|
|
|
|
|
self.modified = True
|
|
|
|
|
self._session_cache = {}
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
def save(self, must_create=False):
|
|
|
|
|
"""
|
|
|
|
|
Saves the current session data to the database. If 'must_create' is
|
|
|
|
|
True, a database error will be raised if the saving operation doesn't
|
|
|
|
|
create a *new* entry (as opposed to possibly updating an existing
|
|
|
|
|
entry).
|
|
|
|
|
"""
|
|
|
|
|
obj = Session(
|
2011-11-28 01:52:24 +08:00
|
|
|
session_key=self._get_or_create_session_key(),
|
|
|
|
|
session_data=self.encode(self._get_session(no_load=must_create)),
|
|
|
|
|
expire_date=self.get_expiry_date()
|
2007-09-16 05:29:14 +08:00
|
|
|
)
|
2010-03-25 18:29:06 +08:00
|
|
|
using = router.db_for_write(Session, instance=obj)
|
2008-08-14 11:57:18 +08:00
|
|
|
try:
|
2013-09-23 04:14:17 +08:00
|
|
|
with transaction.atomic(using=using):
|
|
|
|
|
obj.save(force_insert=must_create, using=using)
|
2008-08-14 11:57:18 +08:00
|
|
|
except IntegrityError:
|
|
|
|
|
if must_create:
|
|
|
|
|
raise CreateError
|
|
|
|
|
raise
|
2008-01-06 20:53:09 +08:00
|
|
|
|
2008-08-14 11:57:46 +08:00
|
|
|
def delete(self, session_key=None):
|
|
|
|
|
if session_key is None:
|
2011-11-28 01:52:24 +08:00
|
|
|
if self.session_key is None:
|
2008-08-15 22:59:11 +08:00
|
|
|
return
|
2011-11-28 01:52:24 +08:00
|
|
|
session_key = self.session_key
|
2007-09-16 05:29:14 +08:00
|
|
|
try:
|
|
|
|
|
Session.objects.get(session_key=session_key).delete()
|
|
|
|
|
except Session.DoesNotExist:
|
2008-01-06 20:53:09 +08:00
|
|
|
pass
|
2010-11-15 07:35:16 +08:00
|
|
|
|
2012-10-28 05:12:08 +08:00
|
|
|
@classmethod
|
|
|
|
|
def clear_expired(cls):
|
|
|
|
|
Session.objects.filter(expire_date__lt=timezone.now()).delete()
|
|
|
|
|
|
2010-11-15 07:35:16 +08:00
|
|
|
|
|
|
|
|
# At bottom to avoid circular import
|
|
|
|
|
from django.contrib.sessions.models import Session
|
