authorPhilip Sargent <philip.sargent@gmail.com>2025-06-14 20:36:31 +0300
committerPhilip Sargent <philip.sargent@gmail.com>2025-06-14 20:36:31 +0300
commit40fb066e2be579f07e8219bfa2306d66278b4b00 (patch)
tree992f58f2ac0d1fe8cf2c5888d1a957f2272bc2ee
parentd8cdf7bc5ac1d258b36a8548c354e82ca314197a (diff)
refactoring cookie age as a function not a constant
-rw-r--r--core/utils.py6
-rw-r--r--core/views/cave_kataster.py1
-rw-r--r--core/views/caves.py6
-rw-r--r--core/views/editor_helpers.py5
-rw-r--r--core/views/expo.py8
-rw-r--r--core/views/logbook_edit.py4
-rw-r--r--core/views/other.py8
-rw-r--r--core/views/signup.py1
-rw-r--r--core/views/survex.py6
-rw-r--r--core/views/uploads.py4
-rw-r--r--core/views/wallets_edit.py4
11 files changed, 30 insertions, 23 deletions
diff --git a/core/utils.py b/core/utils.py
index 3cb2d8a..f15d6cc 100644
--- a/core/utils.py
+++ b/core/utils.py
@@ -46,6 +46,7 @@ TROG = {"pagecache": {"expedition": {}}, "caves": {"gcavelookup": {}, "gcavecoun
alphabet = []
sha = hashlib.new('sha256')
COOKIE_MAX_AGE = 2*365*24*60*60 # seconds
+COOKIE_SHORT_TIMEOUT = 60*60 # seconds
throw = 35.0
EXPOSERVER = "expo" # hostname of the server at expo.survex.com
@@ -76,6 +77,11 @@ except:
# Opening of file for writing is going to fail currently, so decide it doesn't matter for now
pass
+def get_cookie_max_age():
+ """This is where we detect whether the machine the user is using is a shared-use device or a personbal device.
+ If it is shared-use, then we set a much shorter cookie timout period.
+ """
+ return COOKIE_MAX_AGE
def sanitize_name(name):
"""Filenames sould not contain these characters as then the system barf when it tries to use them in URLs
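Review bot: `get_cookie_max_age()` takes no arguments, so it cannot see the request and has no way to check the `public_laptop` cookie that shared-device detection would presumably rely on. As written, every caller still gets the two-year `COOKIE_MAX_AGE`, and `COOKIE_SHORT_TIMEOUT` is never applied to `editor_id`, so an editor identity left on a shared machine persists exactly as before. Accepting the request now would avoid editing every call site a second time: `def get_cookie_max_age(request=None):` with `if request is not None and "public_laptop" in request.COOKIES: return COOKIE_SHORT_TIMEOUT` ahead of the existing return. The docstring should say that detection is not implemented yet rather than "This is where we detect", and "personbal" and "timout" are typos.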
diff --git a/core/views/cave_kataster.py b/core/views/cave_kataster.py
index b853616..c819ecc 100644
--- a/core/views/cave_kataster.py
+++ b/core/views/cave_kataster.py
@@ -9,7 +9,6 @@ from django.shortcuts import redirect, render
import troggle.settings as settings
#from troggle.core.models.caves import Entrance, Cave
from troggle.core.utils import (
- COOKIE_MAX_AGE,
WriteAndCommitError,
current_expo,
get_cookie,
diff --git a/core/views/caves.py b/core/views/caves.py
index 66a4943..b6a9127 100644
--- a/core/views/caves.py
+++ b/core/views/caves.py
@@ -21,7 +21,7 @@ from troggle.core.models.caves import Cave, CaveAndEntrance, Entrance, GetCaveLo
from troggle.core.models.logbooks import QM
from troggle.core.models.wallets import Wallet
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
WriteAndCommitError,
current_expo,
get_editor,
@@ -547,7 +547,7 @@ def edit_cave(request, path="", slug=None):
edit_response = HttpResponseRedirect("/" + cave.url)
else:
edit_response = HttpResponseRedirect(reverse("newentrance", args = [cave.url_parent(), cave.slug()]))
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
try:
cave_file = cave.file_output()
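Review bot: The `editor_id` cookie on the changed `set_cookie` line is written with only `max_age`, so Django's defaults apply: no `Secure`, no `HttpOnly`, and no explicit `SameSite`. Since this commit already touches every place the cookie is set (also `edit_entrance`, `new_image_form`, `editexpopage`, `edittxtpage`, `logbookedit`, `svx`, `dwgupload` and `walletedit`), it is a good moment to move the call into one helper in `core/utils.py` so lifetime and attributes are decided in a single place. For example `response.set_cookie('editor_id', editor, max_age=get_cookie_max_age(), samesite='Lax', secure=request.is_secure())`, adding `httponly=True` if no page script needs to read the value. The body of `edit_cave` continues outside this hunk, so whether anything else reads the cookie cannot be seen from here.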
@@ -777,7 +777,7 @@ def edit_entrance(request, path="", caveslug=None, entslug=None):
try:
write_and_commit([entrance_file, cave_file], f"Online edit of entrance {entrance.slug}", editor)
edit_response = HttpResponseRedirect("/" + cave.url)
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return edit_response
except Exception as e:
efilepath, econtent, eencoding = entrance_file
diff --git a/core/views/editor_helpers.py b/core/views/editor_helpers.py
index fd6320e..28cd936 100644
--- a/core/views/editor_helpers.py
+++ b/core/views/editor_helpers.py
@@ -16,7 +16,8 @@ from django.conf import settings as django_settings
from PIL import Image
import troggle.settings as settings
-from troggle.core.utils import ( COOKIE_MAX_AGE,
+from troggle.core.utils import (
+ get_cookie_max_age,
WriteAndCommitError, get_editor,
git_string,
write_binary_file, write_and_commit, write_files,
@@ -409,7 +410,7 @@ def new_image_form(request, path):
)
save_original_in_expofiles(f, year, form.cleaned_data["photographer"], host, image_rel_path, referer)
j_response = JsonResponse({"html": html_snippet})
- j_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # does NOT seem to work updating who_are_you cookie
+ j_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # does NOT work updating who_are_you cookie - because it is JsonResponse not HttpResponse.
return j_response
else:
# print(f"new_image_form(): not POST ")
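Review bot: The rewritten comment on the `j_response.set_cookie` line blames the failure on the response being a `JsonResponse`, but in Django `JsonResponse` is a subclass of `HttpResponse` and `set_cookie` emits the same `Set-Cookie` header on both. The cause is therefore more likely on the client side, for instance how the page issues the upload request or where the displayed `who_are_you` value comes from, though that code is not visible in this hunk. I would reword the comment to record only what was observed, e.g. `# editor_id cookie is set here, but the who_are_you field on the page is not refreshed - cause not yet identified`, so the next reader is not pointed at the wrong layer.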
diff --git a/core/views/expo.py b/core/views/expo.py
index 2d617b8..723f772 100644
--- a/core/views/expo.py
+++ b/core/views/expo.py
@@ -14,7 +14,7 @@ import troggle.core.views.caves
import troggle.settings as settings
from troggle.core.models.caves import Cave
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
WriteAndCommitError,
current_expo,
git_string,
@@ -493,8 +493,8 @@ def editexpopage(request, path):
if not filefound or result != html: # Check if content changed at all
edit_response = HttpResponseRedirect(reverse("expopage", args=[path])) # Redirect after POST
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
- print(f"Cookie set: {editor} for {COOKIE_MAX_AGE/(24*3600)} days")
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
+ print(f"Cookie set: {editor} for {get_cookie_max_age()/(3600)} hour(s)")
try:
change_message = pageform.cleaned_data["change_message"]
write_and_commit([(filepath, result, "utf-8")], f"{change_message} - online edit of {path}", editor)
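Review bot: `get_cookie_max_age()` is called twice in the new lines, once for `set_cookie` and once inside the `print`, so once the function returns a per-device value the logged lifetime can differ from the one actually sent. Bind it once, `max_age = get_cookie_max_age()`, and use `max_age` in both places; the same pattern appears in `svx()` in core/views/survex.py. The `print` also writes the editor identifier to stdout on every save. If that is only a debugging aid, a `logging` call at debug level would keep it out of production output.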
@@ -610,7 +610,7 @@ def edittxtpage(request, path, filepath):
savepath = "/" + path
print(f"redirect {savepath}")
response = redirect(savepath) # Redirect after POST
- response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return response
else:
diff --git a/core/views/logbook_edit.py b/core/views/logbook_edit.py
index 7207842..7a79528 100644
--- a/core/views/logbook_edit.py
+++ b/core/views/logbook_edit.py
@@ -13,7 +13,7 @@ from troggle.core.models.logbooks import LogbookEntry, PersonLogEntry, writelogb
from troggle.core.models.survex import DrawingFile
from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
add_commit,
alphabet_suffix,
current_expo,
@@ -344,7 +344,7 @@ def logbookedit(request, year=None, slug=None):
# error settings e.g dateflag and authroflag so the user gets no feedback about bad data entered.
# so we need to pass the flags explicitly in the url and then extract them from the request in the GET bit. sigh.
response = HttpResponseRedirect(f"/logbookedit/{slug}?dateflag={dateflag}&authorflag={authorflag}")
- response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return response
# Do the redirect instead of this:
diff --git a/core/views/other.py b/core/views/other.py
index 6d1b175..fd1d1ef 100644
--- a/core/views/other.py
+++ b/core/views/other.py
@@ -11,7 +11,7 @@ from troggle.core.models.logbooks import LogbookEntry, writelogbook # , PersonL
# from databaseReset import reinit_db # don't do this. databaseRest runs code *at import time*
from troggle.core.models.troggle import Expedition
-from troggle.core.utils import current_expo, COOKIE_MAX_AGE
+from troggle.core.utils import current_expo, COOKIE_SHORT_TIMEOUT
from troggle.parsers.imports import (
import_caves,
import_drawingsfiles,
@@ -38,9 +38,11 @@ todo = """
def public_laptop(request):
"""Just sets a cookie. Visit this web page from Crowley, Anathema, Aziraphale, Pulsifer etc.
+
+ This hack to be replaced in due course by a proper call from a user saying whether they are using a shared machine or not.
"""
- response = HttpResponse("Cookie has been set on this machine, which now defines it as a public laptop. So login cookie lifetimes will now be short.")
- response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_MAX_AGE) # Cookie expires in 1 hour
+ response = HttpResponse(f"Cookie has been set on this machine, which now defines it as a public laptop. So the login cookie lifetimes will now be short:{COOKIE_SHORT_TIMEOUT/(60*60)} hour(s)")
+ response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_SHORT_TIMEOUT) # Cookie expires in 1 hour
return response
def todos(request, module):
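Review bot: Switching the `public_laptop` marker itself to `max_age=COOKIE_SHORT_TIMEOUT` means the machine stops being flagged as shared one hour after someone visits this page. If the marker is meant to shorten the `editor_id` lifetime, as the response text suggests, it is the `editor_id` cookie that should get the short timeout while the marker stays long-lived. That would be `response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_MAX_AGE)` with the trailing comment corrected, which needs `COOKIE_MAX_AGE` kept in the import. Nothing visible in this commit reads the marker yet, so the message "login cookie lifetimes will now be short" currently promises behaviour that is not in place.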
diff --git a/core/views/signup.py b/core/views/signup.py
index bb85e03..4f5365a 100644
--- a/core/views/signup.py
+++ b/core/views/signup.py
@@ -12,7 +12,6 @@ from troggle.core.models.troggle import DataIssue, Person, PersonExpedition
from troggle.core.models.logbooks import Expedition
from troggle.core.views.editor_helpers import HTMLarea
from troggle.core.utils import (
- COOKIE_MAX_AGE,
WriteAndCommitError,
add_commit,
current_expo,
diff --git a/core/views/survex.py b/core/views/survex.py
index fe95825..3c7e26a 100644
--- a/core/views/survex.py
+++ b/core/views/survex.py
@@ -18,7 +18,7 @@ from troggle.core.models.logbooks import LogbookEntry
from troggle.core.models.survex import SurvexBlock, SurvexFile #, SurvexDirectory
from troggle.core.models.wallets import Wallet
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
add_commit,
current_expo,
get_editor,
@@ -441,8 +441,8 @@ def svx(request, survex_file):
else:
edit_response = render(request, "svxfile.html", vmap)
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
- print(f"Cookie reset: {editor} for another {COOKIE_MAX_AGE/3600} hours")
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
+ print(f"Cookie reset: {editor} for another {get_cookie_max_age()/3600} hour(s)")
return edit_response
diff --git a/core/views/uploads.py b/core/views/uploads.py
index 691e54d..9e07978 100644
--- a/core/views/uploads.py
+++ b/core/views/uploads.py
@@ -12,7 +12,7 @@ from troggle.core.models.caves import GetCaveLookup
from troggle.core.models.survex import DrawingFile
from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
alphabet_suffix,
current_expo,
get_editor,
@@ -755,5 +755,5 @@ def dwgupload(request, folder=None, gitdisable="no"):
"who_are_you": editor,
},
)
- response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return response
diff --git a/core/views/wallets_edit.py b/core/views/wallets_edit.py
index 9babbb2..a6bedeb 100644
--- a/core/views/wallets_edit.py
+++ b/core/views/wallets_edit.py
@@ -20,7 +20,7 @@ from troggle.core.models.survex import SurvexBlock, SurvexFile, SurvexPersonRole
from troggle.core.models.troggle import DataIssue, Expedition
from troggle.core.models.wallets import YEAR_RANGE, Wallet, make_valid_date
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
WriteAndCommitError,
add_commit,
current_expo,
@@ -978,6 +978,6 @@ def walletedit(request, path=None):
"freetextsize": str(max(60, len(str(freetext)))),
},
)
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return edit_response