innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
8,829 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

17 Commits

Author SHA1 Message Date
Malcolm Tredinnick c8c159cbba When logging in, change the session key whilst preserving any existing 
sesssion. This means the user will see their session preserved across a login
boundary, but somebody snooping the anonymous session key won't be able to view
the authenticated session data.

This is the final piece of the session key handling changes.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8459 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-21 13:54:53 +00:00
Malcolm Tredinnick 0d48087a53 Made a few small tweaks to reduce persistent storage accesses in the session 
backend. Refs #8311, although doesn't fix the problem there.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8381 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-15 14:59:11 +00:00
Malcolm Tredinnick 9e423b51e3 Fixed #8314 -- Fixed an infinite loop caused when submitting a session key (via 
a cookie) with no corresponding entry in the database.

This only affected the database backend, but I've applied the same fix to all
three backends for robustness.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-14 19:43:08 +00:00
Malcolm Tredinnick 2da6628519 Fixed #8310 -- Actually use the SystemRandom RNG, if available, which fixes an 
oversight from [8340]. The previous code worked, but this is what I really
intended.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8346 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-14 13:54:22 +00:00
Malcolm Tredinnick 5e8efa9a60 Implemented a flush() method on sessions that cleans out the session and 
regenerates the key. Used to ensure the caller gets a fresh session at logout,
for example.

Based on a patch from mrts. Refs #7515.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8342 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-14 03:57:46 +00:00
Malcolm Tredinnick 31ec68c5d9 Added a clear() method to sessions. Patch from mrts. Refs #7515. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8341 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-14 03:57:30 +00:00
Malcolm Tredinnick af7b6475ca Added guaranteed atomic creation of new session objects. Slightly backwards 
incompatible for custom session backends.

Whilst we were in the neighbourhood, use a larger range of session key values
to save a small amount of time and use the hardware-base random numbers where
available (transparently falls back to pseudo-RNG otherwise).

Fixed #1080


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8340 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-14 03:57:18 +00:00
Gary Wilson Jr c85c8f8891 Fixed #7919 -- md5 and sha modules are deprecated since Python 2.5, use hashlib module when available. Patch from Karen Tracey. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8193 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-02 05:56:57 +00:00
Gary Wilson Jr 5db4d60215 Several Django styling fixes in the `contrib.sessions` app. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7725 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-23 05:08:07 +00:00
Russell Keith-Magee dc7f21daf7 Fixed #7429 -- Modified the Session base class a little more dictionary-like by adding update(), has_key(), values(), and iterator access methods. Thanks to Jeremy Dunck for the suggestion and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7687 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-18 12:07:46 +00:00
Jacob Kaplan-Moss 8d4f79a799 Fixed #2548: added get/set_expiry methods to session objects. Thanks, Amit Upadhyay and SmileyChris. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7586 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-07 20:28:06 +00:00
Malcolm Tredinnick 49da9ab57e Fixed #6087 -- Added setdefault() support to the Session object. Thanks, Ben 
Slavin.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6831 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-12-02 15:27:29 +00:00
Malcolm Tredinnick 4c0d8d882d Fixed #4729 -- Restored functionality to the Session class so that popping a 
value marks it as modified. This was accidentally lost in the changes in
[6333]. Thanks, __hawkeye__.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6558 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-10-20 10:12:59 +00:00
Adrian Holovaty 79dead9a24 Removed trailing whitespace in django/contrib/sessions/backends/base.py 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6388 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-20 04:35:03 +00:00
Adrian Holovaty 3db846cdb5 Fixed #5548 -- Reintroduced Jython workaround for os.getpid(), which was lost in [6270]. Thanks, leosoto 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6386 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-20 02:19:48 +00:00
Jacob Kaplan-Moss 771481695f Refs #5513: improved session performance after [6333]'s session refactoring. Thanks, msaelices. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-16 20:11:14 +00:00
Jacob Kaplan-Moss bcf7e9a9fe Fixed #2066: session data can now be stored in the cache or on the filesystem. This should be fully backwards-compatible (the database cache store is still the default). A big thanks to John D'Agostino for the bulk of this code. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6333 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-15 21:29:14 +00:00