Fixed #28763 -- Allowed overriding the session cookie age with SessionStore.get_session_cookie_age().

This commit is contained in:
Hasan Ramezani 2019-05-19 22:15:45 +02:00 committed by Mariusz Felisiak
parent df28ebd6c8
commit 9d6f981a66
7 changed files with 32 additions and 6 deletions

View File

@ -206,6 +206,9 @@ class SessionBase:
_session = property(_get_session)
def get_session_cookie_age(self):
return settings.SESSION_COOKIE_AGE
def get_expiry_age(self, **kwargs):
"""Get the number of seconds until the session expires.
@ -225,7 +228,7 @@ class SessionBase:
expiry = self.get('_session_expiry')
if not expiry: # Checks both None and 0 cases
return settings.SESSION_COOKIE_AGE
return self.get_session_cookie_age()
if not isinstance(expiry, datetime):
return expiry
delta = expiry - modification
@ -249,7 +252,7 @@ class SessionBase:
if isinstance(expiry, datetime):
return expiry
expiry = expiry or settings.SESSION_COOKIE_AGE # Checks both None and 0 cases
expiry = expiry or self.get_session_cookie_age()
return modification + timedelta(seconds=expiry)
def set_expiry(self, value):

View File

@ -69,7 +69,7 @@ class SessionStore(SessionBase):
Return the expiry time of the file storing the session's content.
"""
return session_data.get('_session_expiry') or (
self._last_modification() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
self._last_modification() + datetime.timedelta(seconds=self.get_session_cookie_age())
)
def load(self):

View File

@ -1,4 +1,3 @@
from django.conf import settings
from django.contrib.sessions.backends.base import SessionBase
from django.core import signing
@ -16,7 +15,7 @@ class SessionStore(SessionBase):
self.session_key,
serializer=self.serializer,
# This doesn't handle non-default expiry dates, see #19201
max_age=settings.SESSION_COOKIE_AGE,
max_age=self.get_session_cookie_age(),
salt='django.contrib.sessions.backends.signed_cookies',
)
except Exception:

View File

@ -96,7 +96,9 @@ Minor features
:mod:`django.contrib.sessions`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* ...
* The new
:meth:`~django.contrib.sessions.backends.base.SessionBase.get_session_cookie_age()`
methods allows dynamically specifying the session cookie age.
:mod:`django.contrib.sitemaps`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

View File

@ -244,6 +244,13 @@ You can edit it multiple times.
Deletes the test cookie. Use this to clean up after yourself.
.. method:: get_session_cookie_age()
.. versionadded:: 3.0
Returns the age of session cookies, in seconds. Defaults to
:setting:`SESSION_COOKIE_AGE`.
.. method:: set_expiry(value)
Sets the expiration time for the session. You can pass a number of

View File

@ -38,3 +38,6 @@ class SessionStore(DBStore):
obj.account_id = account_id
return obj
def get_session_cookie_age(self):
return 60 * 60 * 24 # One day.

View File

@ -454,6 +454,7 @@ class DatabaseSessionWithTimeZoneTests(DatabaseSessionTests):
class CustomDatabaseSessionTests(DatabaseSessionTests):
backend = CustomDatabaseSession
session_engine = 'sessions_tests.models'
custom_session_cookie_age = 60 * 60 * 24 # One day.
def test_extra_session_field(self):
# Set the account ID to be picked up by a custom session storage
@ -473,6 +474,17 @@ class CustomDatabaseSessionTests(DatabaseSessionTests):
s = self.model.objects.get(session_key=self.session.session_key)
self.assertIsNone(s.account_id)
def test_custom_expiry_reset(self):
self.session.set_expiry(None)
self.session.set_expiry(10)
self.session.set_expiry(None)
self.assertEqual(self.session.get_expiry_age(), self.custom_session_cookie_age)
def test_default_expiry(self):
self.assertEqual(self.session.get_expiry_age(), self.custom_session_cookie_age)
self.session.set_expiry(0)
self.assertEqual(self.session.get_expiry_age(), self.custom_session_cookie_age)
class CacheDBSessionTests(SessionTestsMixin, TestCase):