3 # Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING
5 from ipsilon.util.log import Log
10 class SecureCookie(Log):
12 def __init__(self, name=None, value=None, maxage=None, expires=None):
14 self.name = str(uuid.uuid4())
18 self.secure = cherrypy.config.get('tools.sessions.secure', True)
19 self.httponly = cherrypy.config.get('tools.sessions.httponly', True)
21 self.expires = expires
24 def _get_cookie_attr(self, name):
25 return getattr(cherrypy.request.cookie[self.name], name, None)
27 def _set_cookie_attr(self, name, value):
28 if value is not None and value is not False:
29 cherrypy.response.cookie[self.name][name] = value
32 if self.name not in cherrypy.request.cookie:
35 self.value = cherrypy.request.cookie[self.name].value
36 self.path = self._get_cookie_attr('path')
37 self.secure = self._get_cookie_attr('secure')
38 self.httponly = self._get_cookie_attr('httponly')
39 self.maxage = self._get_cookie_attr('max-age')
40 self.expires = self._get_cookie_attr('expires')
43 if self.value is None:
44 raise ValueError('Cookie has no value')
45 if self.maxage is None and self.expires is not 0:
46 # 5 minutes should be enough ...
48 cherrypy.response.cookie[self.name] = str(self.value)
52 path = cherrypy.config.get('base.mount', '/')
53 self._set_cookie_attr('path', path)
54 self._set_cookie_attr('secure', self.secure)
55 self._set_cookie_attr('httponly', self.httponly)
56 self._set_cookie_attr('max-age', self.maxage)
57 self._set_cookie_attr('expires', self.expires)
58 self.debug('Cookie op: %s' % cherrypy.response.cookie[self.name])
62 self.debug('Deleting cookie %s' % self.name)
66 self.debug('Sending cookie %s' % self.name)