aiohttp-security/aiohttp_security/cookies_identity.py

33 lines
887 B
Python
Raw Permalink Normal View History

"""Identity policy for storing info directly into HTTP cookie.
2015-11-19 13:25:10 +00:00
Use mostly for demonstration purposes, SessionIdentityPolicy is much
more handy.
"""
2015-07-08 17:30:24 +00:00
from .abc import AbstractIdentityPolicy
sentinel = object()
2015-07-08 17:30:24 +00:00
class CookiesIdentityPolicy(AbstractIdentityPolicy):
def __init__(self):
self._cookie_name = 'AIOHTTP_SECURITY'
self._max_age = 30 * 24 * 3600
2017-12-13 14:51:46 +00:00
async def identify(self, request):
2015-07-08 17:30:24 +00:00
identity = request.cookies.get(self._cookie_name)
return identity
2017-12-13 14:51:46 +00:00
async def remember(self, request, response, identity, max_age=sentinel,
**kwargs):
if max_age is sentinel:
max_age = self._max_age
2015-07-29 20:58:55 +00:00
response.set_cookie(self._cookie_name, identity,
max_age=max_age, **kwargs)
2015-07-08 17:30:24 +00:00
2017-12-13 14:51:46 +00:00
async def forget(self, request, response):
response.del_cookie(self._cookie_name)