Allowing sending the session key in a http header

2013-03-20 20:06:37 +01:00 · 2013-03-20 20:06:37 +01:00 · 311740990e
parent 690252ad05
commit 311740990e
2 changed files with 50 additions and 2 deletions
--- a/greenmine/middleware.py
+++ b/greenmine/middleware.py
@ -0,0 +1,47 @@
+import time
+
+from django.conf import settings
+from django.utils.cache import patch_vary_headers
+from django.utils.http import cookie_date
+from django.utils.importlib import import_module
+
+class GreenmineSessionMiddleware(object):
+    def process_request(self, request):
+        engine = import_module(settings.SESSION_ENGINE)
+        session_key = request.META.get(settings.SESSION_HEADER_NAME, None)
+        if not session_key:
+            session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None)
+        request.session = engine.SessionStore(session_key)
+
+    def process_response(self, request, response):
+        """
+        If request.session was modified, or if the configuration is to save the
+        session every time, save the changes and set a session cookie.
+        """
+        try:
+            accessed = request.session.accessed
+            modified = request.session.modified
+        except AttributeError:
+            pass
+        else:
+            if accessed:
+                patch_vary_headers(response, ('Cookie',))
+            if modified or settings.SESSION_SAVE_EVERY_REQUEST:
+                if request.session.get_expire_at_browser_close():
+                    max_age = None
+                    expires = None
+                else:
+                    max_age = request.session.get_expiry_age()
+                    expires_time = time.time() + max_age
+                    expires = cookie_date(expires_time)
+                # Save the session data and refresh the client cookie.
+                # Skip session save for 500 responses, refs #3881.
+                if response.status_code != 500:
+                    request.session.save()
+                    response.set_cookie(settings.SESSION_COOKIE_NAME,
+                            request.session.session_key, max_age=max_age,
+                            expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
+                            path=settings.SESSION_COOKIE_PATH,
+                            secure=settings.SESSION_COOKIE_SECURE or None,
+                            httponly=settings.SESSION_COOKIE_HTTPONLY or None)
+        return response
--- a/greenmine/settings/common.py
+++ b/greenmine/settings/common.py
@ -85,8 +85,9 @@ SESSION_ENGINE='django.contrib.sessions.backends.cache'
 #SESSION_EXPIRE_AT_BROWSER_CLOSE = False
 #SESSION_SAVE_EVERY_REQUEST = True
 SESSION_COOKIE_AGE = 1209600 # (2 weeks)
+SESSION_HEADER_NAME = "HTTP_X_SESSION_TOKEN"

-HOST = 'http://localhost:8000'
+hOST = 'http://localhost:8000'

 # MAIL OPTIONS
 #EMAIL_USE_TLS = False
@ -156,7 +157,7 @@ TEMPLATE_LOADERS = [

 MIDDLEWARE_CLASSES = [
    'django.middleware.common.CommonMiddleware',
-    'django.contrib.sessions.middleware.SessionMiddleware',
+    'greenmine.middleware.GreenmineSessionMiddleware',
    'django.middleware.locale.LocaleMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',