Files @ 7691290837d2
Branch filter:

Location: kallithea/kallithea/lib/middleware/sessionmiddleware.py

7691290837d2 2.6 KiB text/x-python Show Annotation Show as Raw Download as Raw
Lars Kruse
codingstyle: trivial whitespace fixes

Reported by flake8.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# -*- coding: utf-8 -*-
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
"""
kallithea.lib.middleware.sessionmiddleware
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

session management middleware

This file overrides Beaker's built-in SessionMiddleware
class to automagically use secure cookies over HTTPS.

Original Beaker SessionMiddleware class written by Ben Bangert
"""

from beaker.session import SessionObject
from beaker.middleware import SessionMiddleware


class SecureSessionMiddleware(SessionMiddleware):
    def __call__(self, environ, start_response):
        """
        This function's implementation is taken directly from Beaker,
        with HTTPS detection added. When accessed over HTTPS, force
        setting cookie's secure flag.

        The only difference from that original code is that we switch
        the secure option on and off depending on the URL scheme (first
        two lines). To avoid concurrency issues, we use a local options
        variable.
        """
        options = dict(self.options)
        options["secure"] = environ['wsgi.url_scheme'] == 'https'

        session = SessionObject(environ, **options)
        if environ.get('paste.registry'):
            if environ['paste.registry'].reglist:
                environ['paste.registry'].register(self.session, session)
        environ[self.environ_key] = session
        environ['beaker.get_session'] = self._get_session

        if 'paste.testing_variables' in environ and 'webtest_varname' in options:
            environ['paste.testing_variables'][options['webtest_varname']] = session

        def session_start_response(status, headers, exc_info=None):
            if session.accessed():
                session.persist()
                if session.__dict__['_headers']['set_cookie']:
                    cookie = session.__dict__['_headers']['cookie_out']
                    if cookie:
                        headers.append(('Set-cookie', cookie))
            return start_response(status, headers, exc_info)
        return self.wrap_app(environ, session_start_response)
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.