Changeset 10414
- Timestamp:
- 7 Jul 2013, 08:42:04 (11 years ago)
- Location:
- main/waeup.cas/trunk/waeup/cas
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
main/waeup.cas/trunk/waeup/cas/server.py
r10413 r10414 1 1 """A WSGI app for serving CAS. 2 2 """ 3 import datetime 3 4 import os 4 5 import random … … 97 98 response.set_cookie( 98 99 'cas-tgc', tgc.value, path='/', secure=True, httponly=True) 100 return response 101 102 103 def delete_session_cookie(db, response, old_value=None): 104 """Delete session cookie. 105 106 Sets cookie with expiration date in past and deletes respective 107 entry from database. 108 """ 109 if old_value is not None: 110 # delete old tgc from db 111 q = db.query(TicketGrantingCookie).filter( 112 TicketGrantingCookie.value == old_value) 113 result = list(q) 114 if len(result) == 1: 115 db.delete(result[0]) 116 response.set_cookie( 117 'cas-tgc', '', path='/', secure=True, httponly=True, 118 expires=datetime.datetime(1970, 1, 1, 0, 0, 0)) 99 119 return response 100 120 -
main/waeup.cas/trunk/waeup/cas/tests/test_server.py
r10413 r10414 12 12 CASServer, create_service_ticket, create_login_ticket, 13 13 create_tgc_value, check_login_ticket, set_session_cookie, 14 check_session_cookie, get_template, 14 check_session_cookie, get_template, delete_session_cookie, 15 15 ) 16 16 17 17 RE_ALPHABET = re.compile('^[a-zA-Z0-9\-]*$') 18 18 RE_COOKIE = re.compile('^cas-tgc=[A-Za-z0-9\-]+; Path=/; secure; HttpOnly$') 19 RE_COOKIE_DEL = re.compile( 20 '^cas-tgc=; Max-Age=\-[0-9]+; Path=/; ' 21 'expires=Thu, 01-Jan-1970 00:00:00 GMT; secure; HttpOnly$') 19 22 20 23 … … 424 427 assert get_template('not-existing-template') is None 425 428 assert get_template('login.html') is not None 429 430 def test_delete_session_cookie(self): 431 # we can unset cookies 432 db = DB('sqlite:///') 433 tgc = create_tgc_value() 434 db.add(tgc) 435 value = tgc.value 436 resp = delete_session_cookie(db, Response(), old_value=value) 437 assert 'Set-Cookie' in resp.headers 438 cookie = resp.headers['Set-Cookie'] 439 assert RE_COOKIE_DEL.match(cookie), ( 440 'Cookie in unexpected format: %s' % cookie) 441 # the cookie values was deleted from database 442 q = db.query(TicketGrantingCookie).filter( 443 TicketGrantingCookie.value == value) 444 assert len(list(q)) == 0
Note: See TracChangeset for help on using the changeset viewer.