h-ddlZddlZddlmZmZddlmZddlmZddlm Z ddl m Z ddl m Z ejejzZGdd eZGd d eZGd d ZdS)N)datetime timedelta)settings)signing)timezone)get_random_string) import_stringceZdZdZdS) CreateErrorz Used internally as a consistent exception type to catch from save (see the docstring for SessionBase.save() for details). N__name__ __module__ __qualname____doc__d/var/www/surfInsights/venv3-11/lib/python3.11/site-packages/django/contrib/sessions/backends/base.pyr r s  Drr ceZdZdZdS) UpdateErrorzF Occurs if Django tries to update a session that was deleted. Nr rrrrrs DrrceZdZdZdZdZeZd.dZdZ dZ dZ d Z e d Zd.d Zefd Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!dZ"e e!Z#e e!e"Z$d/d Z%e e%Z&d!Z'd"Z(d#Z)d$Z*d%Z+d&Z,d'Z-d(Z.d)Z/d/d*Z0d.d+Z1d,Z2e3d-Z4dS)0 SessionBasez- Base class for all Session classes. testcookieworkedNcl||_d|_d|_ttj|_dS)NF) _session_keyaccessedmodifiedr rSESSION_SERIALIZER serializerself session_keys r__init__zSessionBase.__init__+s.'  '(CDDrc||jvSN_sessionr!keys r __contains__zSessionBase.__contains__1dm##rc|j|Sr%r&r(s r __getitem__zSessionBase.__getitem__4s}S!!rc(||j|<d|_dSNTr'rr!r)values r __setitem__zSessionBase.__setitem__7s" c rc$|j|=d|_dSr/r0r(s r __delitem__zSessionBase.__delitem__;s M#  rc d|jjzS)Nzdjango.contrib.sessions.) __class__rr!s rkey_saltzSessionBase.key_salt?s)DN,GGGrc8|j||Sr%)r'get)r!r)defaults rr;zSessionBase.getCs}  g...rcn|jp||jv|_||jurdn|f}|jj|g|RS)Nr)rr'_SessionBase__not_givenpop)r!r)r<argss rr?zSessionBase.popFsL = )=  000rrwj t} ,t,,,,rcT||jvr |j|Sd|_||j|<|Sr/r0r1s r setdefaultzSessionBase.setdefaultKs4 $-  =% % DM!&DM# Lrc$|j||j<dSr%)TEST_COOKIE_VALUETEST_COOKIE_NAMEr8s rset_test_cookiezSessionBase.set_test_cookieSs&*&<T "###rcH||j|jkSr%)r;rErDr8s rtest_cookie_workedzSessionBase.test_cookie_workedVsxx-..$2HHHrc||j=dSr%)rEr8s rdelete_test_cookiezSessionBase.delete_test_cookieYs & ' ' 'rcFtj||j|jdS)zGReturn the given session dictionary serialized and encoded as a string.T)saltrcompress)rdumpsr9r)r! session_dicts rencodezSessionBase.encode\s+}      rc tj||j|jS#tj$r,t jd}|dYnt$rYnwxYwiS)N)rLrz!django.security.SuspiciousSessionzSession data corrupted) rloadsr9r BadSignaturelogging getLoggerwarning Exception)r! session_dataloggers rdecodezSessionBase.decodees =4=T_ # 5 5 5&'JKKF NN3 4 4 4 4 4    D  s #8A) A)(A)cH|j|d|_dSr/)r'updater)r!dict_s rr\zSessionBase.updatess# U### rc||jvSr%r&r(s rhas_keyzSessionBase.has_keywr+rc4|jSr%)r'keysr8s rrazSessionBase.keyszs}!!###rc4|jSr%)r'valuesr8s rrczSessionBase.values}s}##%%%rc4|jSr%)r'itemsr8s rrezSessionBase.itemss}""$$$rc0i|_d|_d|_dSr/)_session_cacherrr8s rclearzSessionBase.clears!  rcF |j o|j S#t$rYdSwxYw)zBReturn True when there is no session_key and the session is empty.T)rrgAttributeErrorr8s ris_emptyzSessionBase.is_emptys@ ((D1D-D D   44 s   c^ tdt}||s|S-)z)Return session key that isn't being used.T )rVALID_KEY_CHARSexistsr s r_get_new_session_keyz SessionBase._get_new_session_keys5 #+B@@K;;{++ #"" #rcP|j||_|jSr%)rrpr8s r_get_or_create_session_keyz&SessionBase._get_or_create_session_keys(   $ $ 9 9 ; ;D   rc,|ot|dkS)z Key must be truthy and at least 8 characters long. 8 characters is an arbitrary lower bound for some minimal key security. )lenr(s r_validate_session_keyz!SessionBase._validate_session_keys $s3xx1}$rc|jSr%)_SessionBase__session_keyr8s r_get_session_keyzSessionBase._get_session_keys !!rcP||r ||_dSd|_dS)zV Validate session key on assignment. Invalid values will set to None. N)rvrxr!r2s r_set_session_keyzSessionBase._set_session_keys6  % %e , , &!&D   !%D   rFcd|_ |jS#t$r-|j|ri|_n||_YnwxYw|jS)z Lazily load session from storage (unless "no_load" is True, when only an empty dict is stored) and store it in the current instance. T)rrgrjr"load)r!no_loads r _get_sessionzSessionBase._get_sessionsj   2& & 2 2 2'7'&(##&*iikk#  2 ""s4AActjSr%)rSESSION_COOKIE_AGEr8s rget_session_cookie_agez"SessionBase.get_session_cookie_ages **rc  |d}n##t$rtj}YnwxYw |d}n%#t$r|d}YnwxYw|s|St |t tfs|St |trt j|}||z }|j dz|j zS)zGet the number of seconds until the session expires. Optionally, this function accepts `modification` and `expiry` keyword arguments specifying the modification and expiry of the session. modificationexpiry_session_expiryiQ) KeyErrorrnowr;r isinstancerstr fromisoformatdaysseconds)r!kwargsrrdeltas rget_expiry_agezSessionBase.get_expiry_ages  *!.1LL * * *#<>>LLL *  1H%FF 1 1 1XX/00FFF 1 1..00 0&8S/22 M fc " " 4+F33F%zE!EM11 ++8AAc  |d}n##t$rtj}YnwxYw |d}n%#t$r|d}YnwxYwt |t r|St |t rt j|S|p|}|t|zS)zGet session the expiry date (as a datetime object). Optionally, this function accepts `modification` and `expiry` keyword arguments specifying the modification and expiry of the session. rrr)r) rrrr;rrrrrr)r!rrrs rget_expiry_datezSessionBase.get_expiry_dates  *!.1LL * * *#<>>LLL * 1H%FF 1 1 1XX/00FFF 1 fh ' ' 2M  $ $ 2)&11 1846688i77777rc| |d=n#t$rYnwxYwdSt|trtj|z}t|t r|}||d<dS)a* Set a custom expiration for the session. ``value`` can be an integer, a Python ``datetime`` or ``timedelta`` object or ``None``. If ``value`` is an integer, the session will expire after that many seconds of inactivity. If set to ``0`` then the session will expire on browser close. If ``value`` is a ``datetime`` or ``timedelta`` object, the session will expire at that specific future time. If ``value`` is ``None``, the session uses the global session expiry policy. Nr)rrrrrr isoformatr{s r set_expiryzSessionBase.set_expirys = *++     F eY ' ' +LNNU*E eX & & &OO%%E"' s  cT|dx} tjS|dkS)a Return ``True`` if the session is set to expire when the browser closes, and ``False`` if there's an expiry date. Use ``get_expiry_date()`` or ``get_expiry_age()`` to find the actual expiry date/age, if there is one. rNr)r;rSESSION_EXPIRE_AT_BROWSER_CLOSE)r!rs rget_expire_at_browser_closez'SessionBase.get_expire_at_browser_closes/hh011 1F :; ;{rcd||d|_dS)zc Remove the current session data from the database and regenerate the key. N)rhdeleterr8s rflushzSessionBase.flush!s,   rc|j}|j}|||_|r||dSdS)zU Create a new session key, while retaining the current session data. N)r'r"creatergr)r!datar)s r cycle_keyzSessionBase.cycle_key*sR} "   KK       rc td)zF Return True if the given session_key already exists. z9subclasses of SessionBase must provide an exists() methodNotImplementedErrorr s rrozSessionBase.exists7s" G   rc td)z Create a new session instance. Guaranteed to create a new object with a unique key and will have saved the result once (with empty data) before the method returns. z8subclasses of SessionBase must provide a create() methodrr8s rrzSessionBase.create?s " F   rc td)z Save the session data. If 'must_create' is True, create a new session object (or raise CreateError). Otherwise, only update an existing object and don't create one (raise UpdateError if needed). z6subclasses of SessionBase must provide a save() methodr)r! must_creates rsavezSessionBase.saveIs " D   rc td)zx Delete the session data under this key. If the key is None, use the current session key value. z8subclasses of SessionBase must provide a delete() methodrr s rrzSessionBase.deleteSs " F   rc td)z@ Load the session data and return a dictionary. z6subclasses of SessionBase must provide a load() methodrr8s rr~zSessionBase.load\s" D   rc td)a Remove expired sessions from the session store. If this operation isn't possible on a given backend, it should raise NotImplementedError. If it isn't necessary, because the backend has a built-in expiration mechanism, it should be a no-op. z.This backend does not support clear_expired().r)clss r clear_expiredzSessionBase.clear_expiredds""RSSSrr%)F)5r rrrrErDobjectr>r#r*r-r3r5propertyr9r;r?rBrFrHrJrPrZr\r_rarcrerhrkrprrrvryr|r"rrr'rrrrrrrrorrrr~ classmethodrrrrrr!s$ &((KEEEE $$$"""HHXH//// +---- ===III(((      $$$$$$&&&%%%###!!! %%%"""&&&(+,,K8,.>??L # # # #x %%H+++2226888.(((8   !!!                    TT[TTTrr)rTstringrr django.confr django.corer django.utilsrdjango.utils.cryptordjango.utils.module_loadingr ascii_lowercasedigitsrnrWr rrrrrrs4 (((((((( !!!!!!111111555555(6=8     )        )   LTLTLTLTLTLTLTLTLTLTr