Coverage for /var/srv/projects/api.amasfac.comuna18.com/tmp/venv/lib/python3.9/site-packages/django/contrib/sessions/middleware.py: 59%

1import time 

2from importlib import import_module 

3 

4from django.conf import settings 

5from django.contrib.sessions.backends.base import UpdateError 

6from django.contrib.sessions.exceptions import SessionInterrupted 

7from django.utils.cache import patch_vary_headers 

8from django.utils.deprecation import MiddlewareMixin 

9from django.utils.http import http_date 

10 

11 

12class SessionMiddleware(MiddlewareMixin): 

13 def __init__(self, get_response): 

14 super().__init__(get_response) 

15 engine = import_module(settings.SESSION_ENGINE) 

16 self.SessionStore = engine.SessionStore 

17 

18 def process_request(self, request): 

19 session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME) 

20 request.session = self.SessionStore(session_key) 

21 

22 def process_response(self, request, response): 

23 """ 

24 If request.session was modified, or if the configuration is to save the 

25 session every time, save the changes and set a session cookie or delete 

26 the session cookie if the session has been emptied. 

27 """ 

28 try: 

29 accessed = request.session.accessed 

30 modified = request.session.modified 

31 empty = request.session.is_empty() 

32 except AttributeError: 

33 return response 

34 # First check if we need to delete this cookie. 

35 # The session should be deleted only if the session is entirely empty. 

36 if settings.SESSION_COOKIE_NAME in request.COOKIES and empty: 36 ↛ 37line 36 didn't jump to line 37, because the condition on line 36 was never true

37 response.delete_cookie( 

38 settings.SESSION_COOKIE_NAME, 

39 path=settings.SESSION_COOKIE_PATH, 

40 domain=settings.SESSION_COOKIE_DOMAIN, 

41 samesite=settings.SESSION_COOKIE_SAMESITE, 

42 ) 

43 patch_vary_headers(response, ("Cookie",)) 

44 else: 

45 if accessed: 

46 patch_vary_headers(response, ("Cookie",)) 

47 if (modified or settings.SESSION_SAVE_EVERY_REQUEST) and not empty: 47 ↛ 48line 47 didn't jump to line 48, because the condition on line 47 was never true

48 if request.session.get_expire_at_browser_close(): 

49 max_age = None 

50 expires = None 

51 else: 

52 max_age = request.session.get_expiry_age() 

53 expires_time = time.time() + max_age 

54 expires = http_date(expires_time) 

55 # Save the session data and refresh the client cookie. 

56 # Skip session save for 500 responses, refs #3881. 

57 if response.status_code != 500: 

58 try: 

59 request.session.save() 

60 except UpdateError: 

61 raise SessionInterrupted( 

62 "The request's session was deleted before the " 

63 "request completed. The user may have logged " 

64 "out in a concurrent request, for example." 

65 ) 

66 response.set_cookie( 

67 settings.SESSION_COOKIE_NAME, 

68 request.session.session_key, 

69 max_age=max_age, 

70 expires=expires, 

71 domain=settings.SESSION_COOKIE_DOMAIN, 

72 path=settings.SESSION_COOKIE_PATH, 

73 secure=settings.SESSION_COOKIE_SECURE or None, 

74 httponly=settings.SESSION_COOKIE_HTTPONLY or None, 

75 samesite=settings.SESSION_COOKIE_SAMESITE, 

76 ) 

77 return response