diff options
author | Simo Sorce <simo@redhat.com> | 2014-09-16 17:07:18 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-09-24 20:29:51 +0200 |
commit | d00990c389e98dc62a59020e4a79cfe657f88f89 (patch) | |
tree | 4c5eb46d5a60ad61695bdf3d99da66eee59d1265 /ipsilon/util | |
parent | 14e8ecd7cf8ea8d342eac5c4c66b764b3a8e2dbb (diff) | |
download | ipsilon-d00990c389e98dc62a59020e4a79cfe657f88f89.tar.gz ipsilon-d00990c389e98dc62a59020e4a79cfe657f88f89.tar.xz ipsilon-d00990c389e98dc62a59020e4a79cfe657f88f89.zip |
Add abstraction class to handle cookies
This handles secure cokies with useful helpers and defaults.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/util')
-rwxr-xr-x | ipsilon/util/cookies.py | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/ipsilon/util/cookies.py b/ipsilon/util/cookies.py new file mode 100755 index 0000000..cd68242 --- /dev/null +++ b/ipsilon/util/cookies.py @@ -0,0 +1,67 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from ipsilon.util.log import Log +import cherrypy +import uuid + + +class SecureCookie(Log): + + def __init__(self, name=None, value=None, maxage=None, expires=None): + if name is None: + self.name = str(uuid.uuid4()) + else: + self.name = str(name) + self.path = None + self.secure = cherrypy.config.get('tools.sessions.secure', True) + self.httponly = cherrypy.config.get('tools.sessions.httponly', True) + self.maxage = maxage + self.expires = expires + self.value = value + + def _get_cookie_attr(self, name): + return getattr(cherrypy.request.cookie[self.name], name, None) + + def _set_cookie_attr(self, name, value): + if value is not None and value is not False: + cherrypy.response.cookie[self.name][name] = value + + def receive(self): + if self.name not in cherrypy.request.cookie: + return + + self.value = cherrypy.request.cookie[self.name].value + self.path = self._get_cookie_attr('path') + self.secure = self._get_cookie_attr('secure') + self.httponly = self._get_cookie_attr('httponly') + self.maxage = self._get_cookie_attr('max-age') + self.expires = self._get_cookie_attr('expires') + + def _store(self): + if self.value is None: + raise ValueError('Cookie has no value') + if self.maxage is None and self.expires is not 0: + # 5 minutes should be enough ... + self.maxage = 300 + cherrypy.response.cookie[self.name] = str(self.value) + if self.path: + path = self.path + else: + path = cherrypy.config.get('base.mount', '/') + self._set_cookie_attr('path', path) + self._set_cookie_attr('secure', self.secure) + self._set_cookie_attr('httponly', self.httponly) + self._set_cookie_attr('max-age', self.maxage) + self._set_cookie_attr('expires', self.expires) + self.debug('Cookie op: %s' % cherrypy.response.cookie[self.name]) + + def delete(self): + self.expires = 0 + self.debug('Deleting cookie %s' % self.name) + self._store() + + def send(self): + self.debug('Sending cookie %s' % self.name) + self._store() |