app/django/contrib/sessions/middleware.py

   1 import time
   2
   3 from django.conf import settings
   4 from django.utils.cache import patch_vary_headers
   5 from django.utils.http import cookie_date
   6
   7 class SessionMiddleware(object):
   8     def process_request(self, request):
   9         engine = __import__(settings.SESSION_ENGINE, {}, {}, [''])
  10         session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None)
  11         request.session = engine.SessionStore(session_key)
  12
  13     def process_response(self, request, response):
  14         """
  15         If request.session was modified, or if the configuration is to save the
  16         session every time, save the changes and set a session cookie.
  17         """
  18         try:
  19             accessed = request.session.accessed
  20             modified = request.session.modified
  21         except AttributeError:
  22             pass
  23         else:
  24             if accessed:
  25                 patch_vary_headers(response, ('Cookie',))
  26             if modified or settings.SESSION_SAVE_EVERY_REQUEST:
  27                 if request.session.get_expire_at_browser_close():
  28                     max_age = None
  29                     expires = None
  30                 else:
  31                     max_age = request.session.get_expiry_age()
  32                     expires_time = time.time() + max_age
  33                     expires = cookie_date(expires_time)
  34                 # Save the session data and refresh the client cookie.
  35                 request.session.save()
  36                 response.set_cookie(settings.SESSION_COOKIE_NAME,
  37                         request.session.session_key, max_age=max_age,
  38                         expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
  39                         path=settings.SESSION_COOKIE_PATH,
  40                         secure=settings.SESSION_COOKIE_SECURE or None)
  41         return response