Merge pull request #13 from AlexKovalevych/fix-session-invalidate

return empty dict at cookie storage to be able to invalidate the session
aio-libs · Jun 22, 2015 · 06cf5ce · 06cf5ce
2 parents 445b16b + 2e607fc
commit 06cf5ce
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/aiohttp_session/cookie_storage.py b/aiohttp_session/cookie_storage.py
@@ -40,6 +40,8 @@ def load_session(self, request):
 
     @asyncio.coroutine
     def save_session(self, request, response, session):
+        if not session._mapping:
+            return self.save_cookie(response, session._mapping)
         cookie_data = json.dumps(session._mapping).encode('utf-8')
         if len(cookie_data) % AES.block_size != 0:
             # padding with spaces to full blocks

diff --git a/tests/test_encrypted_cookie_storage.py b/tests/test_encrypted_cookie_storage.py
@@ -162,8 +162,8 @@ def go():
                 loop=self.loop)
             self.assertEqual(200, resp.status)
             morsel = resp.cookies['AIOHTTP_SESSION']
-            self.assertEqual({}, self.decrypt(morsel.value))
-            self.assertTrue(morsel['httponly'])
+            self.assertEqual('', morsel.value)
+            self.assertFalse(morsel['httponly'])
             self.assertEqual(morsel['path'], '/')
 
         self.loop.run_until_complete(go())