3 gL6@sddlZddlZddlZddlZddlmZmZddlmZddlm Z ddl m Z ddl m Z ddlmZddlmZmZmZdd lmZdd lmZdd lmZejejZGd d d eZGdddeZGdddZ dS)N)datetime timedelta)settings)SuspiciousSession)signing)SuspiciousOperation)timezone)constant_time_compareget_random_string salted_hmac)RemovedInDjango40Warning) import_string)LANGUAGE_SESSION_KEYc@seZdZdZdS) CreateErrorz Used internally as a consistent exception type to catch from save (see the docstring for SessionBase.save() for details). N)__name__ __module__ __qualname____doc__rrc/var/www/tester-filtro-web/env/lib/python3.6/site-packages/django/contrib/sessions/backends/base.pyrsrc@seZdZdZdS) UpdateErrorzF Occurs if Django tries to update a session that was deleted. N)rrrrrrrrr src@seZdZdZdZdZeZd\ddZddZ d d Z d d Z d dZ e ddZd]ddZefddZddZddZddZddZddZdd Zd!d"Zd#d$Zd%d&Zd'd(Zd)d*Zd+d,Zd-d.Zd/d0Zd1d2Zd3d4Z d5d6Z!d7d8Z"d9d:Z#d;d<Z$d=d>Z%e e$Z&e e$e%Z'd^d@dAZ(e e(Z)dBdCZ*dDdEZ+dFdGZ,dHdIZ-dJdKZ.dLdMZ/dNdOZ0dPdQZ1dRdSZ2d_dTdUZ3d`dVdWZ4dXdYZ5e6dZd[Z7dS)a SessionBasez- Base class for all Session classes. Z testcookieZworkedNcCs"||_d|_d|_ttj|_dS)NF) _session_keyaccessedmodifiedr rZSESSION_SERIALIZER serializer)self session_keyrrr__init__0szSessionBase.__init__cCs ||jkS)N)_session)rkeyrrr __contains__6szSessionBase.__contains__cCs"|tkrtjdtdd|j|S)NzThe user language will no longer be stored in request.session in Django 4.0. Read it from request.COOKIES[settings.LANGUAGE_COOKIE_NAME] instead.) stacklevel)rwarningswarnr r)rr rrr __getitem__9s  zSessionBase.__getitem__cCs||j|<d|_dS)NT)rr)rr valuerrr __setitem__Cs zSessionBase.__setitem__cCs|j|=d|_dS)NT)rr)rr rrr __delitem__GszSessionBase.__delitem__cCs d|jjS)Nzdjango.contrib.sessions.) __class__r)rrrrkey_saltKszSessionBase.key_saltcCs|jj||S)N)rget)rr defaultrrrr,OszSessionBase.getcCs8|jp||jk|_||jkr fn|f}|jj|f|S)N)rr_SessionBase__not_givenpop)rr r-argsrrrr/RszSessionBase.popcCs,||jkr|j|Sd|_||j|<|SdS)NT)rr)rr r'rrr setdefaultWs    zSessionBase.setdefaultcCs|j||j<dS)N)TEST_COOKIE_VALUETEST_COOKIE_NAME)rrrrset_test_cookie_szSessionBase.set_test_cookiecCs|j|j|jkS)N)r,r3r2)rrrrtest_cookie_workedbszSessionBase.test_cookie_workedcCs ||j=dS)N)r3)rrrrdelete_test_cookieeszSessionBase.delete_test_cookiecCsd|jj}t||jS)Nzdjango.contrib.sessions)r*rr hexdigest)rr'r+rrr_hashhs zSessionBase._hashcCs*tjdkr|j|Stj||j|jddS)zGReturn the given session dictionary serialized and encoded as a string.sha1T)saltrcompress)rZDEFAULT_HASHING_ALGORITHM_legacy_encoderdumpsr+r)r session_dictrrrencodems    zSessionBase.encodecCs|ytj||j|jdStjk r^y |j|Stk rXtjd}|j diSXYntk rv|j|SXdS)N)r:rz!django.security.SuspiciousSessionzSession data corrupted) rloadsr+rZ BadSignature_legacy_decode Exceptionlogging getLoggerwarning)r session_dataloggerrrrdecodews    zSessionBase.decodecCs4|jj|}|j|}tj|jd|jdS)N:ascii)rr=r8base64 b64encoder?rH)rr> serializedhashrrrr<s zSessionBase._legacy_encodecCstj|jd}yD|jdd\}}|j|}t|j|sDtdn|jj |SWnJt k r}z.t |t rt jd|jj}|jt|iSd}~XnXdS)NrJrIzSession data corruptedzdjango.security.%s)rK b64decoder?splitr8r rHrrr@rB isinstancerrCrDr*rrEstr)rrFZ encoded_datarNrMZ expected_hasherGrrrrAs   zSessionBase._legacy_decodecCs|jj|d|_dS)NT)rupdater)rZdict_rrrrUs zSessionBase.updatecCs ||jkS)N)r)rr rrrhas_keyszSessionBase.has_keycCs |jjS)N)rkeys)rrrrrWszSessionBase.keyscCs |jjS)N)rvalues)rrrrrXszSessionBase.valuescCs |jjS)N)ritems)rrrrrYszSessionBase.itemscCsi|_d|_d|_dS)NT)_session_cacherr)rrrrclearszSessionBase.clearc Cs*y|j o|j Stk r$dSXdS)zBReturn True when there is no session_key and the session is empty.TN)rrZAttributeError)rrrris_emptyszSessionBase.is_emptycCs"xtdt}|j|s|SqWdS)z)Return session key that isn't being used. N)r VALID_KEY_CHARSexists)rrrrr_get_new_session_keys  z SessionBase._get_new_session_keycCs|jdkr|j|_|jS)N)rra)rrrr_get_or_create_session_keys  z&SessionBase._get_or_create_session_keycCs|ot|dkS)z Key must be truthy and at least 8 characters long. 8 characters is an arbitrary lower bound for some minimal key security. )len)rr rrr_validate_session_keysz!SessionBase._validate_session_keycCs|jS)N)_SessionBase__session_key)rrrr_get_session_keyszSessionBase._get_session_keycCs|j|r||_nd|_dS)zV Validate session key on assignment. Invalid values will set to None. N)rerf)rr'rrr_set_session_keys zSessionBase._set_session_keyFc CsHd|_y|jStk r@|jdks*|r2i|_n |j|_YnX|jS)z Lazily load session from storage (unless "no_load" is True, when only an empty dict is stored) and store it in the current instance. TN)rrZr\rload)rZno_loadrrr _get_sessionszSessionBase._get_sessioncCstjS)N)rZSESSION_COOKIE_AGE)rrrrget_session_cookie_agesz"SessionBase.get_session_cookie_agecKsy |d}Wntk r(tj}YnXy |d}Wntk rT|jd}YnX|sb|jSt|tsp|S||}|jd|jS)zGet the number of seconds until the session expires. Optionally, this function accepts `modification` and `expiry` keyword arguments specifying the modification and expiry of the session. modificationexpiry_session_expiryiQ) KeyErrorrnowr,rkrRrdaysseconds)rkwargsrlrmdeltarrrget_expiry_ages   zSessionBase.get_expiry_agecKs~y |d}Wntk r(tj}YnXy |d}Wntk rT|jd}YnXt|trd|S|pn|j}|t|dS)zGet session the expiry date (as a datetime object). Optionally, this function accepts `modification` and `expiry` keyword arguments specifying the modification and expiry of the session. rlrmrn)rr)rorrpr,rRrrkr)rrsrlrmrrrget_expiry_dates    zSessionBase.get_expiry_datec CsN|dkr,y |d=Wntk r&YnXdSt|trBtj|}||d<dS)a* Set a custom expiration for the session. ``value`` can be an integer, a Python ``datetime`` or ``timedelta`` object or ``None``. If ``value`` is an integer, the session will expire after that many seconds of inactivity. If set to ``0`` then the session will expire on browser close. If ``value`` is a ``datetime`` or ``timedelta`` object, the session will expire at that specific future time. If ``value`` is ``None``, the session uses the global session expiry policy. Nrn)rorRrrrp)rr'rrr set_expiry$s   zSessionBase.set_expirycCs"|jddkrtjS|jddkS)a Return ``True`` if the session is set to expire when the browser closes, and ``False`` if there's an expiry date. Use ``get_expiry_date()`` or ``get_expiry_age()`` to find the actual expiry date/age, if there is one. rnNr)r,rZSESSION_EXPIRE_AT_BROWSER_CLOSE)rrrrget_expire_at_browser_close>sz'SessionBase.get_expire_at_browser_closecCs|j|jd|_dS)zc Remove the current session data from the database and regenerate the key. N)r[deleter)rrrrflushIszSessionBase.flushcCs,|j}|j}|j||_|r(|j|dS)zU Create a new session key, while retaining the current session data. N)rrcreaterZry)rdatar rrr cycle_keyRs zSessionBase.cycle_keycCs tddS)zF Return True if the given session_key already exists. z9subclasses of SessionBase must provide an exists() methodN)NotImplementedError)rrrrrr`_szSessionBase.existscCs tddS)z Create a new session instance. Guaranteed to create a new object with a unique key and will have saved the result once (with empty data) before the method returns. z8subclasses of SessionBase must provide a create() methodN)r~)rrrrr{eszSessionBase.createcCs tddS)z Save the session data. If 'must_create' is True, create a new session object (or raise CreateError). Otherwise, only update an existing object and don't create one (raise UpdateError if needed). z6subclasses of SessionBase must provide a save() methodN)r~)rZ must_createrrrsavemszSessionBase.savecCs tddS)zx Delete the session data under this key. If the key is None, use the current session key value. z8subclasses of SessionBase must provide a delete() methodN)r~)rrrrrryuszSessionBase.deletecCs tddS)z@ Load the session data and return a dictionary. z6subclasses of SessionBase must provide a load() methodN)r~)rrrrri|szSessionBase.loadcCs tddS)a Remove expired sessions from the session store. If this operation isn't possible on a given backend, it should raise NotImplementedError. If it isn't necessary, because the backend has a built-in expiration mechanism, it should be a no-op. z.This backend does not support clear_expired().N)r~)clsrrr clear_expireds zSessionBase.clear_expired)N)N)F)F)N)8rrrrr3r2objectr.rr!r&r(r)propertyr+r,r/r1r4r5r6r8r?rHr<rArUrVrWrXrYr[r]rarbrergrhrrrjrrkrurvrwrxrzr}r`r{rryri classmethodrrrrrr'sd              r)!rKrCstringr$rrZ django.confrZ"django.contrib.sessions.exceptionsrZ django.corerZdjango.core.exceptionsrZ django.utilsrZdjango.utils.cryptor r r Zdjango.utils.deprecationr Zdjango.utils.module_loadingr Zdjango.utils.translationrascii_lowercasedigitsr_rBrrrrrrrs"