From 6c1cb213c0da87f0a03fb4f0ff2c9c39ec17ff65 Mon Sep 17 00:00:00 2001 From: EnTeQuAk Date: Wed, 9 Jul 2008 01:08:27 +0200 Subject: [PATCH] fixed a small cookie-bug :) --- lodgeit/application.py | 13 ++++++------- lodgeit/static/lodgeit.js | 2 +- lodgeit/utils.py | 6 +++--- manage.py | 9 ++++++--- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/lodgeit/application.py b/lodgeit/application.py index fc79b3c..977812c 100644 --- a/lodgeit/application.py +++ b/lodgeit/application.py @@ -25,7 +25,9 @@ from lodgeit.controllers import get_controller class LodgeIt(object): """The WSGI Application""" - def __init__(self, dburi): + def __init__(self, dburi, secret_key): + self.secret_key = secret_key + #: database engine self.engine = sqlalchemy.create_engine(dburi, convert_unicode=True) #: make sure all tables exist. @@ -85,10 +87,7 @@ class LodgeIt(object): resp = e.get_response(environ) else: expires = datetime.utcnow() + timedelta(days=31) - if request.first_visit: - resp.set_cookie(COOKIE_NAME, request.user_hash, - expires=expires) - if request.session.should_save: + if request.first_visit or request.session.should_save: request.session.save_cookie(resp, COOKIE_NAME, expires=expires) @@ -96,10 +95,10 @@ class LodgeIt(object): [local._local_manager.cleanup, session.remove]) -def make_app(dburi, debug=False, shell=False): +def make_app(dburi, secret_key, debug=False, shell=False): """Apply the used middlewares and create the application.""" static_path = os.path.join(os.path.dirname(__file__), 'static') - app = LodgeIt(dburi) + app = LodgeIt(dburi, secret_key) if debug: app.engine.echo = True if not shell: diff --git a/lodgeit/static/lodgeit.js b/lodgeit/static/lodgeit.js index da00b83..9276beb 100644 --- a/lodgeit/static/lodgeit.js +++ b/lodgeit/static/lodgeit.js 
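Review bot: `LodgeIt.__init__` stores `secret_key` without checking it, so an empty or `None` key would be accepted and every session cookie would then be signed with a value anyone can guess. A guard such as `if not secret_key: raise ValueError('secret_key must be a non-empty byte string')` before the assignment would fail fast at start-up. The new attribute could also carry a `#: secret key used to sign the session cookie` comment, matching the `#:` style used for `self.engine` just below it.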
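Review bot: The `expires=expires` passed to `save_cookie` in the `else:` branch limits only how long the browser keeps the cookie; nothing visible in this hunk bounds how long the signed value itself is accepted by the server. A copied cookie would therefore keep verifying for as long as the signing key stays the same. If the SecureCookie version in use supports a `session_expires` argument on `save_cookie`, passing the same timestamp there would put the expiry inside the signed payload. The enclosing method starts outside this hunk.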
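Review bot: Inserting `secret_key` as the second positional parameter of `make_app` changes the meaning of existing positional calls: a deployment script that still calls `make_app(dburi, True)` would now pass `True` as the signing key instead of enabling debug. The call sites in `manage.py` are updated in this patch, but callers outside the repository are not. Either document the change in the docstring (`"""... secret_key signs the session cookie and must be kept private."""`) or make the trailing flags keyword-only by convention and reject a non-string key early.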
@@ -123,7 +123,7 @@ var LodgeIt = { */ removeCookie : function() { if (confirm('Do really want to remove your cookie?')) { - $.cookie('user_hash', ''); + $.cookie('lodgeit_session', ''); alert('Your cookie was resetted!'); } } diff --git a/lodgeit/utils.py b/lodgeit/utils.py index 9ca0107..ebb30a2 100644 --- a/lodgeit/utils.py +++ b/lodgeit/utils.py @@ -10,7 +10,7 @@ """ import re import time -from os import path, urandom +from os import path from random import random from functools import partial from werkzeug import Request as RequestBase, Response @@ -31,7 +31,6 @@ jinja_environment = Environment(loader=FileSystemLoader( #: constants _word_only = partial(re.compile(r'[^a-zA-Z0-9]').sub, '') COOKIE_NAME = u'lodgeit_session' -SECRET_KEY = urandom(50) def generate_user_hash(): @@ -59,7 +58,8 @@ class Request(RequestBase): def __init__(self, environ): super(Request, self).__init__(environ) self.first_visit = False - session = SecureCookie.load_cookie(self, COOKIE_NAME, SECRET_KEY) + session = SecureCookie.load_cookie(self, COOKIE_NAME, + local.application.secret_key) user_hash = session.get('user_hash') if not user_hash: diff --git a/manage.py b/manage.py index 7f1d9ef..15f1463 100644 --- a/manage.py +++ b/manage.py @@ -10,17 +10,20 @@ from lodgeit.database import session dburi = 'sqlite:////tmp/lodgeit.db' +SECRET_KEY = os.urandom(50) + + def run_app(app, path='/'): - env = create_environ(path) + env = create_environ(path, SECRET_KEY) return run_wsgi_app(app, env) action_runserver = script.make_runserver( - lambda: make_app(dburi), + lambda: make_app(dburi, SECRET_KEY), use_reloader=True) action_shell = script.make_shell( lambda: { - 'app': make_app(dburi, False, True), + 'app': make_app(dburi, SECRET_KEY, False, True), 'local': local, 'session': session, 'run_app': run_app
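Review bot: In the `lodgeit/utils.py` hunk at `-59,7 +58,8`, `Request.__init__` now reads the key from `local.application.secret_key`, which makes constructing a `Request` depend on `local.application` already being bound. Where that binding happens is not visible in this diff, so a `Request` built before it (for example from a shell helper or a test) would raise an attribute error instead of loading a session. A short comment above the call, such as `# needs local.application bound by the WSGI app before a Request is created`, would make the ordering requirement explicit. The rest of `__init__` continues outside the hunk.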
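Review bot: In `run_app`, `create_environ(path, SECRET_KEY)` passes the signing key as the second positional argument; if `create_environ` is Werkzeug's test helper (its import is outside the hunk), that slot is the base URL, so the secret would end up in the WSGI environ instead of reaching the application. `env = create_environ(path)` looks like the intended call, since the key already gets to the app through `make_app(dburi, SECRET_KEY)`. Separately, `SECRET_KEY = os.urandom(50)` is regenerated on every process start, and with `use_reloader=True` on every reload, so previously issued session cookies stop verifying and multiple worker processes would disagree on the key. Reading the key from configuration or an environment variable would keep sessions stable. Also, `import os` is not visible in this hunk, so confirm it exists in `manage.py`.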