*(minor): small refactor

2019-10-07 16:33:48 +02:00
parent d21ec6c9a5
commit f2acc154cd
300 changed files with 1420 additions and 1788 deletions
--- a/passbook/providers/app_gw/middleware.py
+++ b/passbook/providers/app_gw/middleware.py
@ -0,0 +1,55 @@
+import time
+
+from django.conf import settings
+from django.contrib.sessions.middleware import SessionMiddleware
+from django.utils.cache import patch_vary_headers
+from django.utils.http import cookie_date
+from structlog import get_logger
+
+from passbook.factors.view import AuthenticationView
+
+LOGGER = get_logger()
+
+class SessionHostDomainMiddleware(SessionMiddleware):
+
+    def process_request(self, request):
+        session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME)
+        request.session = self.SessionStore(session_key)
+
+    def process_response(self, request, response):
+        """
+        If request.session was modified, or if the configuration is to save the
+        session every time, save the changes and set a session cookie.
+        """
+        try:
+            accessed = request.session.accessed
+            modified = request.session.modified
+        except AttributeError:
+            pass
+        else:
+            if accessed:
+                patch_vary_headers(response, ('Cookie',))
+            if modified or settings.SESSION_SAVE_EVERY_REQUEST:
+                if request.session.get_expire_at_browser_close():
+                    max_age = None
+                    expires = None
+                else:
+                    max_age = request.session.get_expiry_age()
+                    expires_time = time.time() + max_age
+                    expires = cookie_date(expires_time)
+                # Save the session data and refresh the client cookie.
+                # Skip session save for 500 responses, refs #3881.
+                if response.status_code != 500:
+                    request.session.save()
+                    hosts = [request.get_host().split(':')[0]]
+                    if AuthenticationView.SESSION_FORCE_COOKIE_HOSTNAME in request.session:
+                        hosts.append(request.session[AuthenticationView.SESSION_FORCE_COOKIE_HOSTNAME])
+                    LOGGER.debug("Setting hosts for session", hosts=hosts)
+                    for host in hosts:
+                        response.set_cookie(settings.SESSION_COOKIE_NAME,
+                                            request.session.session_key, max_age=max_age,
+                                            expires=expires, domain=host,
+                                            path=settings.SESSION_COOKIE_PATH,
+                                            secure=settings.SESSION_COOKIE_SECURE or None,
+                                            httponly=settings.SESSION_COOKIE_HTTPONLY or None)
+        return response