Permalink
Browse files

Removed dead code, simplified session management.

  • Loading branch information...
1 parent 1135ced commit 43eea6637d1553a0fcbb27876fa4103d50fcd13c @jpic jpic committed Feb 15, 2013
Showing with 9 additions and 22 deletions.
  1. +5 −17 session_security/middleware.py
  2. +1 −1 session_security/tests/views.py
  3. +3 −4 session_security/views.py
@@ -38,24 +38,12 @@ def process_request(self, request):
if not request.user.is_authenticated():
return
- if request.path in PASSIVE_URLS:
- return
-
now = datetime.datetime.now()
+ request.session.setdefault('_session_security', now)
- data = request.session.get('session_security', {
- 'LOGOUT_URL': LOGOUT_URL,
- 'LOGIN_URL': LOGIN_URL,
- 'EXPIRE_AFTER': EXPIRE_AFTER,
- 'WARN_AFTER': WARN_AFTER,
- 'last_activity': now,
- })
-
- delta = now - data['last_activity']
+ delta = now - request.session['_session_security']
if delta.seconds > EXPIRE_AFTER and request.path_info != LOGIN_URL:
logout(request)
- return http.HttpResponseRedirect(
- '%s?next=%s' % (LOGIN_URL, request.path_info))
-
- data['last_activity'] = now
- request.session['session_security'] = data
+ if request.is_ajax():
+ return http.HttpResponseRedirect(
+ '%s?next=%s' % (LOGIN_URL, request.path_info))
@@ -35,7 +35,7 @@ def test_ping(self, server, client, expected):
now = datetime.now()
session = self.client.session
- session['session_security']['last_activity'] = now - timedelta(seconds=server)
+ session['_session_security'] = now - timedelta(seconds=server)
session.save()
response = self.client.post('/session_security/ping/', {'inactiveSince': client})
self.assertEqual(response.content, expected)
@@ -35,12 +35,12 @@ def post(self, request, *args, **kwargs):
"""
from settings import WARN_AFTER, EXPIRE_AFTER
- if 'session_security' not in request.session.keys():
+ if '_session_security' not in request.session.keys():
# Was logged out, maybe in another tab ?
return http.HttpResponse('["expire", -1]')
now = datetime.now()
- last_activity = request.session['session_security']['last_activity']
+ last_activity = request.session['_session_security']
client_inactive_since = int(request.POST['inactiveSince'])
server_inactive_since = (now - last_activity).seconds
@@ -51,8 +51,7 @@ def post(self, request, *args, **kwargs):
- timedelta(seconds=client_inactive_since))
# Update the session
- request.session['session_security']['last_activity'] = last_activity
- request.session.save()
+ request.session['_session_security'] = last_activity
# We may now calculate how long the client has really been inactive
inactive_for = (now - last_activity).seconds

0 comments on commit 43eea66

Please sign in to comment.