Mercurial > templog
comparison web/secure.py @ 303:a99631597f65
don't expire cookies soon
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 23 Jul 2019 22:44:24 +0800 |
| parents | f7261dd970da |
| children | 87c20b8c5472 |
comparison
equal
deleted
inserted
replaced
| 302:ef407d48cbe5 | 303:a99631597f65 |
|---|---|
| 34 Returns the hash of the cookie (new or existing) | 34 Returns the hash of the cookie (new or existing) |
| 35 """ | 35 """ |
| 36 c = bottle.request.get_cookie(AUTH_COOKIE) | 36 c = bottle.request.get_cookie(AUTH_COOKIE) |
| 37 if not c: | 37 if not c: |
| 38 c = binascii.hexlify(os.urandom(AUTH_COOKIE_LEN)) | 38 c = binascii.hexlify(os.urandom(AUTH_COOKIE_LEN)) |
| 39 bottle.response.set_cookie(AUTH_COOKIE, c, secure=True, httponly=True) | 39 years = 60*60*24*365 |
| 40 bottle.response.set_cookie(AUTH_COOKIE, c, secure=True, httponly=True, max_age=10*years) | |
| 40 return cookie_hash(c) | 41 return cookie_hash(c) |
| 41 | 42 |
| 42 def check_cookie(allowed_users): | 43 def check_cookie(allowed_users): |
| 43 c = bottle.request.get_cookie(AUTH_COOKIE) | 44 c = bottle.request.get_cookie(AUTH_COOKIE) |
| 44 if not c: | 45 if not c: |