aiohttp-security/aiohttp_security/session_identity.py

38 lines
1.3 KiB
Python
Raw Permalink Normal View History

2015-11-19 13:25:10 +00:00
"""Identity policy for storing info into aiohttp_session session.
aiohttp_session.setup() should be called on application initialization
to configure aiohttp_session properly.
2015-11-19 13:25:10 +00:00
"""
2020-12-18 17:58:38 +00:00
from aiohttp import web
try:
from aiohttp_session import get_session
HAS_AIOHTTP_SESSION = True
except ImportError: # pragma: no cover
HAS_AIOHTTP_SESSION = False
2015-11-19 13:25:10 +00:00
from .abc import AbstractIdentityPolicy
class SessionIdentityPolicy(AbstractIdentityPolicy):
2020-12-18 17:58:38 +00:00
def __init__(self, session_key: str = 'AIOHTTP_SECURITY'):
2015-11-19 13:25:10 +00:00
self._session_key = session_key
if not HAS_AIOHTTP_SESSION: # pragma: no cover
raise ImportError(
'SessionIdentityPolicy requires `aiohttp_session`')
2020-12-18 17:58:38 +00:00
async def identify(self, request: web.Request) -> str:
2017-12-13 14:51:46 +00:00
session = await get_session(request)
2015-11-19 13:25:10 +00:00
return session.get(self._session_key)
2020-12-18 17:58:38 +00:00
async def remember(self, request: web.Request, response: web.StreamResponse,
identity: str, **kwargs: None) -> None:
2017-12-13 14:51:46 +00:00
session = await get_session(request)
2015-11-19 13:25:10 +00:00
session[self._session_key] = identity
2020-12-18 17:58:38 +00:00
async def forget(self, request: web.Request, response: web.StreamResponse) -> None:
2017-12-13 14:51:46 +00:00
session = await get_session(request)
2015-11-19 13:25:10 +00:00
session.pop(self._session_key, None)