From ef57b0622c06d2b169cbe28f5e9f38ebf569badb Mon Sep 17 00:00:00 2001 From: Jakob Kramer Date: Wed, 22 May 2013 14:51:12 +0200 Subject: [PATCH] =?utf8?q?save=20=E2=80=9Cstay=5Flogged=5Fin=E2=80=9D=20in?= =?utf8?q?=20the=20session?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Since sessions are rebuilt, e.g. when you try to post a blank comment and therefore receive an error message, the session will be overwritten without the old max_age. --- mediagoblin/auth/views.py | 2 +- mediagoblin/tools/session.py | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index d276a074..d54762b0 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -89,7 +89,7 @@ def login(request): if user: # set up login in session if login_form.stay_logged_in.data: - request.session.max_age = 30 * 24 * 60 * 60 + request.session['stay_logged_in'] = True request.session['user_id'] = unicode(user.id) request.session.save() diff --git a/mediagoblin/tools/session.py b/mediagoblin/tools/session.py index ccf96443..d79afb66 100644 --- a/mediagoblin/tools/session.py +++ b/mediagoblin/tools/session.py @@ -21,10 +21,11 @@ import crypto _log = logging.getLogger(__name__) +MAX_AGE = 30 * 24 * 60 * 60 + class Session(dict): def __init__(self, *args, **kwargs): self.send_new_cookie = False - self.max_age = None dict.__init__(self, *args, **kwargs) def save(self): @@ -65,5 +66,10 @@ class SessionManager(object): elif not session: response.delete_cookie(self.cookie_name) else: + if session.get('stay_logged_in', False): + max_age = MAX_AGE + else: + max_age = None + response.set_cookie(self.cookie_name, self.signer.dumps(session), - max_age=session.max_age, httponly=True) + max_age=max_age, httponly=True) -- 2.25.1