save “stay_logged_in” in the session

Since sessions are rebuilt, e.g. when you try to post a blank
comment and therefore receive an error message, the session will
be overwritten without the old max_age.
This commit is contained in:
Jakob Kramer 2013-05-22 14:51:12 +02:00 committed by Rodney Ewing
parent 527b7e3b57
commit ef57b0622c
2 changed files with 9 additions and 3 deletions

View File

@ -89,7 +89,7 @@ def login(request):
if user:
# set up login in session
if login_form.stay_logged_in.data:
request.session.max_age = 30 * 24 * 60 * 60
request.session['stay_logged_in'] = True
request.session['user_id'] = unicode(user.id)
request.session.save()

View File

@ -21,10 +21,11 @@ import crypto
_log = logging.getLogger(__name__)
MAX_AGE = 30 * 24 * 60 * 60
class Session(dict):
def __init__(self, *args, **kwargs):
self.send_new_cookie = False
self.max_age = None
dict.__init__(self, *args, **kwargs)
def save(self):
@ -65,5 +66,10 @@ class SessionManager(object):
elif not session:
response.delete_cookie(self.cookie_name)
else:
if session.get('stay_logged_in', False):
max_age = MAX_AGE
else:
max_age = None
response.set_cookie(self.cookie_name, self.signer.dumps(session),
max_age=session.max_age, httponly=True)
max_age=max_age, httponly=True)