-rw-r--r-- | core/utils.py | 6 | ||||
-rw-r--r-- | core/views/cave_kataster.py | 1 | ||||
-rw-r--r-- | core/views/caves.py | 6 | ||||
-rw-r--r-- | core/views/editor_helpers.py | 5 | ||||
-rw-r--r-- | core/views/expo.py | 8 | ||||
-rw-r--r-- | core/views/logbook_edit.py | 4 | ||||
-rw-r--r-- | core/views/other.py | 8 | ||||
-rw-r--r-- | core/views/signup.py | 1 | ||||
-rw-r--r-- | core/views/survex.py | 6 | ||||
-rw-r--r-- | core/views/uploads.py | 4 | ||||
-rw-r--r-- | core/views/wallets_edit.py | 4 |
11 files changed, 30 insertions, 23 deletions
diff --git a/core/utils.py b/core/utils.py
index 3cb2d8a..f15d6cc 100644
--- a/core/utils.py
+++ b/core/utils.py
@@ -46,6 +46,7 @@ TROG = {"pagecache": {"expedition": {}}, "caves": {"gcavelookup": {}, "gcavecoun
alphabet = []
sha = hashlib.new('sha256')
COOKIE_MAX_AGE = 2*365*24*60*60 # seconds
+COOKIE_SHORT_TIMEOUT = 60*60 # seconds
throw = 35.0
EXPOSERVER = "expo" # hostname of the server at expo.survex.com
@@ -76,6 +77,11 @@ except:
# Opening of file for writing is going to fail currently, so decide it doesn't matter for now
pass
+def get_cookie_max_age():
+ """This is where we detect whether the machine the user is using is a shared-use device or a personbal device.
+ If it is shared-use, then we set a much shorter cookie timout period.
+ """
+ return COOKIE_MAX_AGE
def sanitize_name(name):
"""Filenames sould not contain these characters as then the system barf when it tries to use them in URLs
diff --git a/core/views/cave_kataster.py b/core/views/cave_kataster.py
index b853616..c819ecc 100644
--- a/core/views/cave_kataster.py
+++ b/core/views/cave_kataster.py
@@ -9,7 +9,6 @@ from django.shortcuts import redirect, render
import troggle.settings as settings
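Review bot: `get_cookie_max_age()` in the second core/utils.py hunk always returns `COOKIE_MAX_AGE`, so every `editor_id` cookie touched by this commit still lives for two years, even on a machine that has visited the public-laptop page. The docstring describes a detection the body does not perform, and with no `request` argument the function has nothing to inspect. Suggest `def get_cookie_max_age(request=None):` with `if request is not None and "public_laptop" in request.COOKIES: return COOKIE_SHORT_TIMEOUT` before the existing return, and passing `request` at the call sites. Until then the docstring should say the function is a placeholder, and its typos (`personbal`, `timout`) can be fixed at the same time. Because the marker is a cookie the browser controls, this is a convenience for shared machines rather than an enforced limit.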
#from troggle.core.models.caves import Entrance, Cave
from troggle.core.utils import (
- COOKIE_MAX_AGE,
WriteAndCommitError,
current_expo,
get_cookie,
diff --git a/core/views/caves.py b/core/views/caves.py
index 66a4943..b6a9127 100644
--- a/core/views/caves.py
+++ b/core/views/caves.py
@@ -21,7 +21,7 @@ from troggle.core.models.caves import Cave, CaveAndEntrance, Entrance, GetCaveLo
from troggle.core.models.logbooks import QM
from troggle.core.models.wallets import Wallet
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
WriteAndCommitError,
current_expo,
get_editor,
@@ -547,7 +547,7 @@ def edit_cave(request, path="", slug=None):
edit_response = HttpResponseRedirect("/" + cave.url)
else:
edit_response = HttpResponseRedirect(reverse("newentrance", args = [cave.url_parent(), cave.slug()]))
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
try:
cave_file = cave.file_output()
@@ -777,7 +777,7 @@ def edit_entrance(request, path="", caveslug=None, entslug=None):
try:
write_and_commit([entrance_file, cave_file], f"Online edit of entrance {entrance.slug}", editor)
edit_response = HttpResponseRedirect("/" + cave.url)
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return edit_response
except Exception as e:
efilepath, econtent, eencoding = entrance_file
diff --git a/core/views/editor_helpers.py b/core/views/editor_helpers.py
index fd6320e..28cd936 100644
--- a/core/views/editor_helpers.py
+++ b/core/views/editor_helpers.py
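Review bot: The `editor_id` cookie in `edit_cave` and `edit_entrance` is set with `max_age` only, so it is sent without `httponly`, `secure` or `samesite`; Django applies no settings-based defaults to a direct `set_cookie` call. The same call is repeated in the editor_helpers.py, expo.py, logbook_edit.py, survex.py, uploads.py and wallets_edit.py hunks. A single helper in core/utils.py would keep the lifetime and attributes in one place, for example `response.set_cookie('editor_id', editor, max_age=get_cookie_max_age(), samesite='Lax', httponly=True)`. `httponly=True` only fits if no page script reads the cookie, which this diff does not show. The trailing comment `# cookie expires after get_cookie_max_age() seconds` restates the argument and could be dropped.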
@@ -16,7 +16,8 @@ from django.conf import settings as django_settings
from PIL import Image
import troggle.settings as settings
-from troggle.core.utils import ( COOKIE_MAX_AGE,
+from troggle.core.utils import (
+ get_cookie_max_age,
WriteAndCommitError, get_editor, git_string, write_binary_file, write_and_commit, write_files,
@@ -409,7 +410,7 @@ def new_image_form(request, path):
)
save_original_in_expofiles(f, year, form.cleaned_data["photographer"], host, image_rel_path, referer)
j_response = JsonResponse({"html": html_snippet})
- j_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # does NOT seem to work updating who_are_you cookie
+ j_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # does NOT work updating who_are_you cookie - because it is JsonResponse not HttpResponse.
return j_response
else:
# print(f"new_image_form(): not POST ")
diff --git a/core/views/expo.py b/core/views/expo.py
index 2d617b8..723f772 100644
--- a/core/views/expo.py
+++ b/core/views/expo.py
@@ -14,7 +14,7 @@ import troggle.core.views.caves
import troggle.settings as settings
from troggle.core.models.caves import Cave
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
WriteAndCommitError,
current_expo,
git_string,
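Review bot: The rewritten comment on `j_response.set_cookie(...)` in `new_image_form` gives a reason that does not match Django: `JsonResponse` is a subclass of `HttpResponse`, so `set_cookie` adds the `Set-Cookie` header to it in the same way. If the who_are_you field does not update, a likelier cause is that the page which issued the request is not re-rendered after the JSON reply, though that is not visible in this hunk. After confirming in the browser's response headers, the comment could read `# cookie is sent, but the form that made this request is not reloaded, so who_are_you on the page stays stale`.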
@@ -493,8 +493,8 @@ def editexpopage(request, path):
if not filefound or result != html: # Check if content changed at all
edit_response = HttpResponseRedirect(reverse("expopage", args=[path])) # Redirect after POST
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
- print(f"Cookie set: {editor} for {COOKIE_MAX_AGE/(24*3600)} days")
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
+ print(f"Cookie set: {editor} for {get_cookie_max_age()/(3600)} hour(s)")
try:
change_message = pageform.cleaned_data["change_message"]
write_and_commit([(filepath, result, "utf-8")], f"{change_message} - online edit of {path}", editor)
@@ -610,7 +610,7 @@ def edittxtpage(request, path, filepath):
savepath = "/" + path
print(f"redirect {savepath}")
response = redirect(savepath) # Redirect after POST
- response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return response
else:
diff --git a/core/views/logbook_edit.py b/core/views/logbook_edit.py
index 7207842..7a79528 100644
--- a/core/views/logbook_edit.py
+++ b/core/views/logbook_edit.py
@@ -13,7 +13,7 @@ from troggle.core.models.logbooks import LogbookEntry, PersonLogEntry, writelogb
from troggle.core.models.survex import DrawingFile
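Review bot: In `editexpopage` the `print` line calls `get_cookie_max_age()` a second time instead of reporting the value that was passed to `set_cookie`, so once the function depends on the device the printed lifetime can differ from the one actually set. The `svx` hunk in survex.py has the same pattern. Binding the value once, `max_age = get_cookie_max_age()`, and using it in both lines keeps them in step. With the current return value the message reports 17520.0 hour(s), which is harder to read than the days figure it replaces.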
from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
add_commit,
alphabet_suffix,
current_expo,
@@ -344,7 +344,7 @@ def logbookedit(request, year=None, slug=None):
# error settings e.g dateflag and authroflag so the user gets no feedback about bad data entered.
# so we need to pass the flags explicitly in the url and then extract them from the request in the GET bit. sigh.
response = HttpResponseRedirect(f"/logbookedit/{slug}?dateflag={dateflag}&authorflag={authorflag}")
- response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return response
# Do the redirect instead of this:
diff --git a/core/views/other.py b/core/views/other.py
index 6d1b175..fd1d1ef 100644
--- a/core/views/other.py
+++ b/core/views/other.py
@@ -11,7 +11,7 @@ from troggle.core.models.logbooks import LogbookEntry, writelogbook # , PersonL
# from databaseReset import reinit_db # don't do this. databaseRest runs code *at import time*
from troggle.core.models.troggle import Expedition
-from troggle.core.utils import current_expo, COOKIE_MAX_AGE
+from troggle.core.utils import current_expo, COOKIE_SHORT_TIMEOUT
from troggle.parsers.imports import (
import_caves,
import_drawingsfiles,
@@ -38,9 +38,11 @@ todo = """
def public_laptop(request):
"""Just sets a cookie. Visit this web page from Crowley, Anathema, Aziraphale, Pulsifer etc.
+
+ This hack to be replaced in due course by a proper call from a user saying whether they are using a shared machine or not.
"""
- response = HttpResponse("Cookie has been set on this machine, which now defines it as a public laptop. So login cookie lifetimes will now be short.")
- response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_MAX_AGE) # Cookie expires in 1 hour
+ response = HttpResponse(f"Cookie has been set on this machine, which now defines it as a public laptop. So the login cookie lifetimes will now be short:{COOKIE_SHORT_TIMEOUT/(60*60)} hour(s)")
+ response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_SHORT_TIMEOUT) # Cookie expires in 1 hour
return response
def todos(request, module):
diff --git a/core/views/signup.py b/core/views/signup.py
index bb85e03..4f5365a 100644
--- a/core/views/signup.py
+++ b/core/views/signup.py
@@ -12,7 +12,6 @@ from troggle.core.models.troggle import DataIssue, Person, PersonExpedition
from troggle.core.models.logbooks import Expedition
from troggle.core.views.editor_helpers import HTMLarea
from troggle.core.utils import (
- COOKIE_MAX_AGE,
WriteAndCommitError,
add_commit,
current_expo,
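Review bot: In `public_laptop` the marker cookie itself now gets `max_age=COOKIE_SHORT_TIMEOUT`, so the machine stops being marked as a public laptop after one hour and would have to revisit this page. If the marker is meant to identify the device and only `editor_id` is meant to be short-lived, the marker should keep the long lifetime, `response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_MAX_AGE)`, which needs `COOKIE_MAX_AGE` kept in the import. The response text also promises short login-cookie lifetimes, but nothing in this commit reads the `public_laptop` cookie. The docstring could state who is expected to call this URL and that it changes browser state on a plain GET.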
diff --git a/core/views/survex.py b/core/views/survex.py
index fe95825..3c7e26a 100644
--- a/core/views/survex.py
+++ b/core/views/survex.py
@@ -18,7 +18,7 @@ from troggle.core.models.logbooks import LogbookEntry
from troggle.core.models.survex import SurvexBlock, SurvexFile #, SurvexDirectory
from troggle.core.models.wallets import Wallet
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
add_commit,
current_expo,
get_editor,
@@ -441,8 +441,8 @@ def svx(request, survex_file):
else:
edit_response = render(request, "svxfile.html", vmap)
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
- print(f"Cookie reset: {editor} for another {COOKIE_MAX_AGE/3600} hours")
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
+ print(f"Cookie reset: {editor} for another {get_cookie_max_age()/3600} hour(s)")
return edit_response
diff --git a/core/views/uploads.py b/core/views/uploads.py
index 691e54d..9e07978 100644
--- a/core/views/uploads.py
+++ b/core/views/uploads.py
@@ -12,7 +12,7 @@ from troggle.core.models.caves import GetCaveLookup
from troggle.core.models.survex import DrawingFile
from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
alphabet_suffix,
current_expo,
get_editor,
@@ -755,5 +755,5 @@ def dwgupload(request, folder=None, gitdisable="no"):
"who_are_you": editor,
},
)
- response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return response
diff --git a/core/views/wallets_edit.py b/core/views/wallets_edit.py
index 9babbb2..a6bedeb 100644
--- a/core/views/wallets_edit.py
+++ b/core/views/wallets_edit.py
@@ -20,7 +20,7 @@ from troggle.core.models.survex import SurvexBlock, SurvexFile, SurvexPersonRole
from troggle.core.models.troggle import DataIssue, Expedition
from troggle.core.models.wallets import YEAR_RANGE, Wallet, make_valid_date
from troggle.core.utils import (
- COOKIE_MAX_AGE,
+ get_cookie_max_age,
WriteAndCommitError,
add_commit,
current_expo,
@@ -978,6 +978,6 @@ def walletedit(request, path=None):
"freetextsize": str(max(60, len(str(freetext)))),
},
)
- edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+ edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
return edit_response |