[py3] Fix encoding issues in contrib.sessions
This commit is contained in:
parent
ac37c9e495
commit
8a1f439d3a
|
@ -1,3 +1,5 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
import base64
|
||||
import time
|
||||
from datetime import datetime, timedelta
|
||||
|
@ -12,6 +14,7 @@ from django.utils.crypto import constant_time_compare
|
|||
from django.utils.crypto import get_random_string
|
||||
from django.utils.crypto import salted_hmac
|
||||
from django.utils import timezone
|
||||
from django.utils.encoding import smart_bytes
|
||||
|
||||
class CreateError(Exception):
|
||||
"""
|
||||
|
@ -78,15 +81,15 @@ class SessionBase(object):
|
|||
"Returns the given session dictionary pickled and encoded as a string."
|
||||
pickled = pickle.dumps(session_dict, pickle.HIGHEST_PROTOCOL)
|
||||
hash = self._hash(pickled)
|
||||
return base64.encodestring(hash + ":" + pickled)
|
||||
return base64.encodestring(hash.encode() + b":" + pickled)
|
||||
|
||||
def decode(self, session_data):
|
||||
encoded_data = base64.decodestring(session_data)
|
||||
encoded_data = base64.decodestring(smart_bytes(session_data))
|
||||
try:
|
||||
# could produce ValueError if there is no ':'
|
||||
hash, pickled = encoded_data.split(':', 1)
|
||||
hash, pickled = encoded_data.split(b':', 1)
|
||||
expected_hash = self._hash(pickled)
|
||||
if not constant_time_compare(hash, expected_hash):
|
||||
if not constant_time_compare(hash.decode(), expected_hash):
|
||||
raise SuspiciousOperation("Session data corrupted")
|
||||
else:
|
||||
return pickle.loads(pickled)
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
from django.contrib.sessions.backends.base import SessionBase, CreateError
|
||||
from django.core.exceptions import SuspiciousOperation
|
||||
from django.db import IntegrityError, transaction, router
|
||||
from django.utils.encoding import force_text
|
||||
from django.utils import timezone
|
||||
|
||||
|
||||
|
@ -18,7 +17,7 @@ class SessionStore(SessionBase):
|
|||
session_key = self.session_key,
|
||||
expire_date__gt=timezone.now()
|
||||
)
|
||||
return self.decode(force_text(s.session_data))
|
||||
return self.decode(s.session_data)
|
||||
except (Session.DoesNotExist, SuspiciousOperation):
|
||||
self.create()
|
||||
return {}
|
||||
|
|
Loading…
Reference in New Issue