diff options
| -rw-r--r-- | wqflask/wqflask/__init__.py | 23 | ||||
| -rw-r--r-- | wqflask/wqflask/user_session.py | 19 |
2 files changed, 19 insertions, 23 deletions
diff --git a/wqflask/wqflask/__init__.py b/wqflask/wqflask/__init__.py index fab66e60..4b372851 100644 --- a/wqflask/wqflask/__init__.py +++ b/wqflask/wqflask/__init__.py @@ -129,29 +129,6 @@ def include_admin_role_class(): def include_data_role_class(): return {'DataRole': DataRole} -@app.before_request -def get_user_session(): - # import here to prevent circular import issues - from wqflask.user_session import UserSession - g.user_session = UserSession() - # I think this should solve the issue of deleting the cookie and redirecting to the home page when a user's session has expired - if not g.user_session: - response = make_response(redirect(url_for('login'))) - response.set_cookie('session_id_v2', '', expires=0) - return response - -@app.after_request -def set_user_session(response): - if hasattr(g, 'user_session'): - if not request.cookies.get(g.user_session.cookie_name): - response.set_cookie(g.user_session.cookie_name, - g.user_session.cookie) - else: - response.set_cookie('session_id_v2', '', expires=0) - return response - - - from wqflask import group_manager from wqflask import resource_manager diff --git a/wqflask/wqflask/user_session.py b/wqflask/wqflask/user_session.py index 60125b57..ef53a324 100644 --- a/wqflask/wqflask/user_session.py +++ b/wqflask/wqflask/user_session.py @@ -26,6 +26,25 @@ THREE_DAYS = 60 * 60 * 24 * 3 THIRTY_DAYS = 60 * 60 * 24 * 30 +@app.before_request +def get_user_session(): + g.user_session = UserSession() + # I think this should solve the issue of deleting the cookie and redirecting to the home page when a user's session has expired + if not g.user_session: + response = make_response(redirect(url_for('login'))) + response.set_cookie('session_id_v2', '', expires=0) + return response + +@app.after_request +def set_user_session(response): + if hasattr(g, 'user_session'): + if not request.cookies.get(g.user_session.cookie_name): + response.set_cookie(g.user_session.cookie_name, + g.user_session.cookie) + else: + response.set_cookie('session_id_v2', '', expires=0) + return response + def verify_cookie(cookie): the_uuid, separator, the_signature = cookie.partition(':') assert len(the_uuid) == 36, "Is session_id a uuid?" |