Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Added request.session.delete_test_cookie()

git-svn-id: http://code.djangoproject.com/svn/django/trunk@669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 39a907a051617d97a9724512791a4d9a53ee2f10 1 parent 3dc1ede
Adrian Holovaty adrianholovaty authored
1  django/middleware/admin.py
View
@@ -81,6 +81,7 @@ def process_view(self, request, view_func, param_dict):
request.user = user
return
else:
+ request.session.delete_test_cookie()
return httpwrappers.HttpResponseRedirect(request.path)
else:
return self.display_login_form(request, ERROR_MESSAGE)
3  django/middleware/sessions.py
View
@@ -30,6 +30,9 @@ def set_test_cookie(self):
def test_cookie_worked(self):
return self.get(TEST_COOKIE_NAME) == TEST_COOKIE_VALUE
+ def delete_test_cookie(self):
+ del self[TEST_COOKIE_NAME]
+
def _get_session(self):
# Lazily loads session from storage.
try:
1  django/views/auth/login.py
View
@@ -18,6 +18,7 @@ def login(request):
if not redirect_to or '://' in redirect_to or ' ' in redirect_to:
redirect_to = '/accounts/profile/'
request.session[users.SESSION_KEY] = manipulator.get_user_id()
+ request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
errors = {}
9 docs/sessions.txt
View
@@ -46,7 +46,7 @@ It implements the following standard dictionary methods:
* ``get(key, default=None)``
Example: ``fav_color = request.session.get('fav_color', 'red')``
-It also has these two methods:
+It also has these three methods:
* ``set_test_cookie()``
Sets a test cookie to determine whether the user's browser supports
@@ -60,6 +60,9 @@ It also has these two methods:
have to call ``set_test_cookie()`` on a previous, separate page request.
See "Setting test cookies" below for more information.
+ * ``delete_test_cookie()``
+ Deletes the test cookie. Use this to clean up after yourself.
+
You can edit ``request.session`` at any point in your view. You can edit it
multiple times.
@@ -120,11 +123,15 @@ This awkward split between ``set_test_cookie()`` and ``test_cookie_worked()``
is necessary due to the way cookies work. When you set a cookie, you can't
actually tell whether a browser accepted it until the browser's next request.
+It's good practice to use ``delete_test_cookie()`` to clean up after yourself.
+Do this after you've verified that the test cookie worked.
+
Here's a typical usage example::
def login(request):
if request.POST:
if request.session.test_cookie_worked():
+ request.session.delete_test_cookie()
return HttpResponse("You're logged in.")
else:
return HttpResponse("Please enable cookies and try again.")
Please sign in to comment.
Something went wrong with that request. Please try again.