/circuits/web/sessions.py

https://bitbucket.org/prologic/circuits/ · Python · 85 lines · 66 code · 9 blank · 10 comment · 3 complexity · 33e520afba4eacee44d45e804231b50b MD5 · raw file 

    

  1. # Module:   sessions
    2. 

  2. # Date:     22nd February 2009
    3. 

  3. # Author:   James Mills, prologic at shortcircuit dot net dot au
    4. 

  4. 

  5. 

  6. """Session Components
    7. 

    8. 

  8. This module implements Session Components that can be used to store
    9. 

  9. and access persistent information.
    10. 

  10. """
    11. 

    12. 

  12. 

  13. from uuid import uuid4 as uuid
    14. 

  14. from hashlib import sha1 as sha
    15. 

  15. from collections import defaultdict
    16. 

  16. 

  17. 

  18. from circuits import handler, Component
    19. 

  19. 

  20. 

  21. def who(request, encoding="utf-8"):
    22. 

  22.     """Create a SHA1 Hash of the User's IP Address and User-Agent"""
    23. 

  23. 

  24.     ip = request.remote.ip
    25. 

  25.     agent = request.headers.get("User-Agent", "")
    26. 

  26. 

  27.     return sha("{0:s}{1:s}".format(ip, agent).encode(encoding)).hexdigest()
    28. 

  28. 

  29. 

  30. def create_session(request):
    31. 

  31.     """Create a unique session id from the request
    32. 

    33. 

  33.     Returns a unique session using ``uuid4()`` and a ``sha1()`` hash
    34. 

  34.     of the users IP Address and User Agent in the form of ``sid/who``.
    35. 

  35.     """
    36. 

    37. 

  37.     return "{0:s}/{1:s}".format(uuid().hex, who(request))
    38. 

  38. 

  39. 

  40. def verify_session(request, sid):
    41. 

  41.     """Verify a User's Session
    42. 

    43. 

  43.     This verifies the User's Session by verifying the SHA1 Hash
    44. 

  44.     of the User's IP Address and User-Agent match the provided
    45. 

  45.     Session ID.
    46. 

  46.     """
    47. 

    48. 

  48.     if "/" not in sid:
    49. 

  49.         return create_session(request)
    50. 

  50. 

  51.     user = sid.split("/", 1)[1]
    52. 

  52. 

  53.     if user != who(request):
    54. 

  54.         return create_session(request)
    55. 

  55. 

  56.     return sid
    57. 

  57. 

  58. 

  59. class Sessions(Component):
    60. 

  60. 

  61.     channel = "web"
    62. 

  62. 

  63.     def __init__(self, name="circuits.session", channel=channel):
    64. 

  64.         super(Sessions, self).__init__(channel=channel)
    65. 

  65. 

  66.         self._name = name
    67. 

  67.         self._data = defaultdict(dict)
    68. 

  68. 

  69.     def load(self, sid):
    70. 

  70.         return self._data[sid]
    71. 

  71. 

  72.     def save(self, sid, data):
    73. 

  73.         """Save User Session Data for sid"""
    74. 

  74. 

  75.     @handler("request", priority=10)
    76. 

  76.     def request(self, request, response):
    77. 

  77.         if self._name in request.cookie:
    78. 

  78.             sid = request.cookie[self._name].value
    79. 

  79.             sid = verify_session(request, sid)
    80. 

  80.         else:
    81. 

  81.             sid = create_session(request)
    82. 

  82. 

  83.         request.sid = sid
    84. 

  84.         request.session = self.load(sid)
    85. 

  85.         response.cookie[self._name] = sid
    86.