2009-01-11 06:18:14 +08:00
|
|
|
"""
|
|
|
|
|
Cached, database-backed sessions.
|
|
|
|
|
"""
|
|
|
|
|
|
2013-05-16 07:14:28 +08:00
|
|
|
import logging
|
|
|
|
|
|
2013-08-30 12:03:23 +08:00
|
|
|
from django.conf import settings
|
2009-01-11 06:18:14 +08:00
|
|
|
from django.contrib.sessions.backends.db import SessionStore as DBStore
|
2013-10-19 06:49:24 +08:00
|
|
|
from django.core.cache import caches
|
2012-10-28 01:18:03 +08:00
|
|
|
from django.core.exceptions import SuspiciousOperation
|
|
|
|
|
from django.utils import timezone
|
2013-05-16 07:14:28 +08:00
|
|
|
from django.utils.encoding import force_text
|
2009-01-11 06:18:14 +08:00
|
|
|
|
2011-09-10 08:46:48 +08:00
|
|
|
KEY_PREFIX = "django.contrib.sessions.cached_db"
|
|
|
|
|
|
2012-03-23 17:32:11 +08:00
|
|
|
|
2009-01-11 06:18:14 +08:00
|
|
|
class SessionStore(DBStore):
|
|
|
|
|
"""
|
|
|
|
|
Implements cached, database backed sessions.
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
def __init__(self, session_key=None):
|
2013-10-19 06:49:24 +08:00
|
|
|
self._cache = caches[settings.SESSION_CACHE_ALIAS]
|
2009-01-11 06:18:14 +08:00
|
|
|
super(SessionStore, self).__init__(session_key)
|
|
|
|
|
|
2011-11-28 01:52:24 +08:00
|
|
|
@property
|
|
|
|
|
def cache_key(self):
|
|
|
|
|
return KEY_PREFIX + self._get_or_create_session_key()
|
|
|
|
|
|
2009-01-11 06:18:14 +08:00
|
|
|
def load(self):
|
2012-03-23 13:31:11 +08:00
|
|
|
try:
|
2015-05-14 02:51:18 +08:00
|
|
|
data = self._cache.get(self.cache_key)
|
2012-03-24 00:14:46 +08:00
|
|
|
except Exception:
|
|
|
|
|
# Some backends (e.g. memcache) raise an exception on invalid
|
|
|
|
|
# cache keys. If this happens, reset the session. See #17810.
|
2012-03-23 13:31:11 +08:00
|
|
|
data = None
|
2012-10-28 01:18:03 +08:00
|
|
|
|
2009-01-11 06:18:14 +08:00
|
|
|
if data is None:
|
2012-10-28 01:18:03 +08:00
|
|
|
# Duplicate DBStore.load, because we need to keep track
|
|
|
|
|
# of the expiry date to set it properly in the cache.
|
|
|
|
|
try:
|
|
|
|
|
s = Session.objects.get(
|
|
|
|
|
session_key=self.session_key,
|
|
|
|
|
expire_date__gt=timezone.now()
|
|
|
|
|
)
|
|
|
|
|
data = self.decode(s.session_data)
|
2013-08-30 12:03:23 +08:00
|
|
|
self._cache.set(self.cache_key, data,
|
2012-10-28 03:32:50 +08:00
|
|
|
self.get_expiry_age(expiry=s.expire_date))
|
2013-05-16 07:14:28 +08:00
|
|
|
except (Session.DoesNotExist, SuspiciousOperation) as e:
|
|
|
|
|
if isinstance(e, SuspiciousOperation):
|
|
|
|
|
logger = logging.getLogger('django.security.%s' %
|
|
|
|
|
e.__class__.__name__)
|
|
|
|
|
logger.warning(force_text(e))
|
2015-06-11 05:45:20 +08:00
|
|
|
self._session_key = None
|
2012-10-28 01:18:03 +08:00
|
|
|
data = {}
|
2009-01-11 06:18:14 +08:00
|
|
|
return data
|
|
|
|
|
|
|
|
|
|
def exists(self, session_key):
|
2015-06-11 05:45:20 +08:00
|
|
|
if session_key and (KEY_PREFIX + session_key) in self._cache:
|
2011-11-28 02:36:03 +08:00
|
|
|
return True
|
2009-01-11 06:18:14 +08:00
|
|
|
return super(SessionStore, self).exists(session_key)
|
|
|
|
|
|
|
|
|
|
def save(self, must_create=False):
|
|
|
|
|
super(SessionStore, self).save(must_create)
|
2013-08-30 12:03:23 +08:00
|
|
|
self._cache.set(self.cache_key, self._session, self.get_expiry_age())
|
2009-01-11 06:18:14 +08:00
|
|
|
|
|
|
|
|
def delete(self, session_key=None):
|
|
|
|
|
super(SessionStore, self).delete(session_key)
|
2011-11-28 01:52:24 +08:00
|
|
|
if session_key is None:
|
|
|
|
|
if self.session_key is None:
|
|
|
|
|
return
|
|
|
|
|
session_key = self.session_key
|
2013-08-30 12:03:23 +08:00
|
|
|
self._cache.delete(KEY_PREFIX + session_key)
|
2009-01-11 06:18:14 +08:00
|
|
|
|
|
|
|
|
def flush(self):
|
|
|
|
|
"""
|
|
|
|
|
Removes the current session data from the database and regenerates the
|
|
|
|
|
key.
|
|
|
|
|
"""
|
|
|
|
|
self.clear()
|
|
|
|
|
self.delete(self.session_key)
|
2015-05-11 21:58:43 +08:00
|
|
|
self._session_key = None
|
2012-10-28 01:18:03 +08:00
|
|
|
|
|
|
|
|
|
|
|
|
|
# At bottom to avoid circular import
|
2015-01-28 20:35:27 +08:00
|
|
|
from django.contrib.sessions.models import Session # isort:skip
|
