o ä›eà-ã@sšddlZddlZddlmZmZddlmZddlmZddlm Z ddl m Z ddl m Z ejejZGdd „d eƒZGd d „d eƒZGd d „d ƒZdS)éN)ÚdatetimeÚ timedelta)Úsettings)Úsigning)Útimezone)Úget_random_string)Ú import_stringc@óeZdZdZdS)Ú CreateErrorz‡ Used internally as a consistent exception type to catch from save (see the docstring for SessionBase.save() for details). N©Ú__name__Ú __module__Ú __qualname__Ú__doc__©rrúX/var/www/html/venv/lib/python3.10/site-packages/django/contrib/sessions/backends/base.pyr sr c@r )Ú UpdateErrorzF Occurs if Django tries to update a session that was deleted. Nr rrrrrsrc@sŽeZdZdZdZdZeƒZdVdd„Zdd„Z d d „Z d d „Z d d„Z e dd„ƒZdVdd„Zefdd„Zdd„Zdd„Zdd„Zdd„Zdd„Zdd „Zd!d"„Zd#d$„Zd%d&„Zd'd(„Zd)d*„Zd+d,„Zd-d.„Zd/d0„Zd1d2„Zd3d4„Z d5d6„Z!d7d8„Z"e e!ƒZ#e e!e"ƒZ$dWd:d;„Z%e e%ƒZ&dd?„Z(d@dA„Z)dBdC„Z*dDdE„Z+dFdG„Z,dHdI„Z-dJdK„Z.dLdM„Z/dWdNdO„Z0dVdPdQ„Z1dRdS„Z2e3dTdU„ƒZ4dS)XÚ SessionBasez- Base class for all Session classes. Ú testcookieÚworkedNcCs"||_d|_d|_ttjƒ|_dS)NF)Ú _session_keyÚaccessedÚmodifiedrrÚSESSION_SERIALIZERÚ serializer©ÚselfÚ session_keyrrrÚ__init__+szSessionBase.__init__cCó ||jvS©N©Ú_session©rÚkeyrrrÚ __contains__1ó zSessionBase.__contains__cCs |j|Sr r!r#rrrÚ __getitem__4r&zSessionBase.__getitem__cCs||j|<d|_dS©NT©r"r©rr$ÚvaluerrrÚ __setitem__7s  zSessionBase.__setitem__cCs|j|=d|_dSr(r)r#rrrÚ __delitem__;s zSessionBase.__delitem__cCs d|jjS)Nzdjango.contrib.sessions.)Ú __class__r©rrrrÚkey_salt?s zSessionBase.key_saltcCs|j ||¡Sr )r"Úget)rr$Údefaultrrrr1CszSessionBase.getcCs:|jp||jv|_||jurdn|f}|jj|g|¢RŽS)Nr)rr"Ú_SessionBase__not_givenÚpop)rr$r2Úargsrrrr4FszSessionBase.popcCs(||jvr |j|Sd|_||j|<|Sr(r)r*rrrÚ setdefaultKs   zSessionBase.setdefaultcCs|j||j<dSr )ÚTEST_COOKIE_VALUEÚTEST_COOKIE_NAMEr/rrrÚset_test_cookieSszSessionBase.set_test_cookiecCs| |j¡|jkSr )r1r8r7r/rrrÚtest_cookie_workedVszSessionBase.test_cookie_workedcCs ||j=dSr )r8r/rrrÚdelete_test_cookieYs zSessionBase.delete_test_cookiecCstj||j|jddS)zGReturn the given session dictionary serialized and encoded as a string.T)ÚsaltrÚcompress)rÚdumpsr0r)rÚ session_dictrrrÚencode\s üzSessionBase.encodecCsTz tj||j|jdWStjy t d¡}| d¡YiSty)YiSw)N)r<rz!django.security.SuspiciousSessionzSession data corrupted) rÚloadsr0rÚ BadSignatureÚloggingÚ getLoggerÚwarningÚ Exception)rÚ session_dataÚloggerrrrÚdecodees ÿ   üüzSessionBase.decodecCs|j |¡d|_dSr()r"Úupdater)rÚdict_rrrrJss  zSessionBase.updatecCrr r!r#rrrÚhas_keywr&zSessionBase.has_keycCó |j ¡Sr )r"Úkeysr/rrrrNzr&zSessionBase.keyscCrMr )r"Úvaluesr/rrrrO}r&zSessionBase.valuescCrMr )r"Úitemsr/rrrrP€r&zSessionBase.itemscCsi|_d|_d|_dSr()Ú_session_cacherrr/rrrÚclearƒs zSessionBase.clearcCs(z |j o|j WStyYdSw)zBReturn True when there is no session_key and the session is empty.T)rrQÚAttributeErrorr/rrrÚis_empty‹s  ÿzSessionBase.is_emptycCs tdtƒ}| |¡s |Sq)z)Return session key that isn't being used.Té )rÚVALID_KEY_CHARSÚexistsrrrrÚ_get_new_session_key’s   ýz SessionBase._get_new_session_keycCs|jdur | ¡|_|jSr )rrXr/rrrÚ_get_or_create_session_key™s  z&SessionBase._get_or_create_session_keycCs|ot|ƒdkS)z” Key must be truthy and at least 8 characters long. 8 characters is an arbitrary lower bound for some minimal key security. é)Úlenr#rrrÚ_validate_session_keyžsz!SessionBase._validate_session_keycCs|jSr )Ú_SessionBase__session_keyr/rrrÚ_get_session_key¥ózSessionBase._get_session_keycCs| |¡r ||_dSd|_dS)zV Validate session key on assignment. Invalid values will set to None. N)r\r]©rr+rrrÚ_set_session_key¨s   zSessionBase._set_session_keyFcCsLd|_z|jWSty%|jdus|ri|_Y|jS| ¡|_Y|jSw)zž Lazily load session from storage (unless "no_load" is True, when only an empty dict is stored) and store it in the current instance. TN)rrQrSrÚload)rÚno_loadrrrÚ _get_session´s  ÿûzSessionBase._get_sessioncCstjSr )rÚSESSION_COOKIE_AGEr/rrrÚget_session_cookie_ageÅr_z"SessionBase.get_session_cookie_agecKsœz|d}Wn tyt ¡}Ynwz|d}Wnty(| d¡}Ynw|s/| ¡St|ttfƒs8|St|tƒrBt |¡}||}|j d|j S)zÕGet the number of seconds until the session expires. Optionally, this function accepts `modification` and `expiry` keyword arguments specifying the modification and expiry of the session. Ú modificationÚexpiryÚ_session_expiryi€Q) ÚKeyErrorrÚnowr1rfÚ isinstancerÚstrÚ fromisoformatÚdaysÚseconds)rÚkwargsrgrhÚdeltarrrÚget_expiry_ageÈs$   ÿ  ÿ  zSessionBase.get_expiry_agecKsŽz|d}Wn tyt ¡}Ynwz|d}Wnty(| d¡}Ynwt|tƒr0|St|tƒr:t |¡S|p?| ¡}|t |dS)zÔGet session the expiry date (as a datetime object). Optionally, this function accepts `modification` and `expiry` keyword arguments specifying the modification and expiry of the session. rgrhri)rp) rjrrkr1rlrrmrnrfr)rrqrgrhrrrÚget_expiry_dateãs    ÿ  ÿ    zSessionBase.get_expiry_datecCs^|durz|d=WdStyYdSwt|tƒr t ¡|}t|tƒr)| ¡}||d<dS)a* Set a custom expiration for the session. ``value`` can be an integer, a Python ``datetime`` or ``timedelta`` object or ``None``. If ``value`` is an integer, the session will expire after that many seconds of inactivity. If set to ``0`` then the session will expire on browser close. If ``value`` is a ``datetime`` or ``timedelta`` object, the session will expire at that specific future time. If ``value`` is ``None``, the session uses the global session expiry policy. Nri)rjrlrrrkrÚ isoformatr`rrrÚ set_expiryús þþ    zSessionBase.set_expirycCs | d¡}dur tjS|dkS)a Return ``True`` if the session is set to expire when the browser closes, and ``False`` if there's an expiry date. Use ``get_expiry_date()`` or ``get_expiry_age()`` to find the actual expiry date/age, if there is one. riNr)r1rÚSESSION_EXPIRE_AT_BROWSER_CLOSE)rrhrrrÚget_expire_at_browser_closesz'SessionBase.get_expire_at_browser_closecCs| ¡| ¡d|_dS)zc Remove the current session data from the database and regenerate the key. N)rRÚdeleterr/rrrÚflush!s zSessionBase.flushcCs0|j}|j}| ¡||_|r| |¡dSdS)zU Create a new session key, while retaining the current session data. N)r"rÚcreaterQry)rÚdatar$rrrÚ cycle_key*sÿzSessionBase.cycle_keycCótdƒ‚)zF Return True if the given session_key already exists. z9subclasses of SessionBase must provide an exists() method©ÚNotImplementedErrorrrrrrW7óÿzSessionBase.existscCr~)zÅ Create a new session instance. Guaranteed to create a new object with a unique key and will have saved the result once (with empty data) before the method returns. z8subclasses of SessionBase must provide a create() methodrr/rrrr{?óÿzSessionBase.createcCr~)zä Save the session data. If 'must_create' is True, create a new session object (or raise CreateError). Otherwise, only update an existing object and don't create one (raise UpdateError if needed). z6subclasses of SessionBase must provide a save() methodr)rÚ must_createrrrÚsaveIr‚zSessionBase.savecCr~)zx Delete the session data under this key. If the key is None, use the current session key value. z8subclasses of SessionBase must provide a delete() methodrrrrrrySsÿzSessionBase.deletecCr~)z@ Load the session data and return a dictionary. z6subclasses of SessionBase must provide a load() methodrr/rrrrb\rzSessionBase.loadcCr~)a Remove expired sessions from the session store. If this operation isn't possible on a given backend, it should raise NotImplementedError. If it isn't necessary, because the backend has a built-in expiration mechanism, it should be a no-op. z.This backend does not support clear_expired().r)ÚclsrrrÚ clear_expiredds zSessionBase.clear_expiredr )F)5r r rrr8r7Úobjectr3rr%r'r,r-Úpropertyr0r1r4r6r9r:r;r@rIrJrLrNrOrPrRrTrXrYr\r^rarrrdr"rfrsrtrvrxrzr}rWr{r„ryrbÚ classmethodr†rrrrr!sd            r)rCÚstringrrÚ django.confrÚ django.corerÚ django.utilsrÚdjango.utils.cryptorÚdjango.utils.module_loadingrÚascii_lowercaseÚdigitsrVrFr rrrrrrÚs