save “stay_logged_in” in the session

Since sessions are rebuilt, e.g. when you try to post a blank comment and therefore receive an error message, the session will be overwritten without the old max_age.
2013-05-22 14:51:12 +02:00 · 2013-05-22 14:51:12 +02:00 · ef57b0622c
commit ef57b0622c
parent 527b7e3b57
2 changed files with 9 additions and 3 deletions
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@ -89,7 +89,7 @@ def login(request):
            if user:
                # set up login in session
                if login_form.stay_logged_in.data:
-                    request.session.max_age = 30 * 24 * 60 * 60
+                    request.session['stay_logged_in'] = True
                request.session['user_id'] = unicode(user.id)
                request.session.save()

--- a/mediagoblin/tools/session.py
+++ b/mediagoblin/tools/session.py
@ -21,10 +21,11 @@ import crypto

 _log = logging.getLogger(__name__)

+MAX_AGE = 30 * 24 * 60 * 60
+
 class Session(dict):
    def __init__(self, *args, **kwargs):
        self.send_new_cookie = False
-        self.max_age = None
        dict.__init__(self, *args, **kwargs)

    def save(self):
@ -65,5 +66,10 @@ class SessionManager(object):
        elif not session:
            response.delete_cookie(self.cookie_name)
        else:
+            if session.get('stay_logged_in', False):
+                max_age = MAX_AGE
+            else:
+                max_age = None
+
            response.set_cookie(self.cookie_name, self.signer.dumps(session),
-                max_age=session.max_age, httponly=True)
+                max_age=max_age, httponly=True)