ó Ý*µPc@s”yddlmZWnek r3ddlZnXddlmZddlmZddlm Z de fd„ƒYZ de fd „ƒYZ dS( iÿÿÿÿ(tcPickleN(tsettings(tsigning(t SessionBasetPickleSerializercBs eZdZd„Zd„ZRS(sY Simple wrapper around pickle to be used in signing.dumps and signing.loads. cCstj|tjƒS(N(tpickletdumpstHIGHEST_PROTOCOL(tselftobj((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyRscCs tj|ƒS(N(Rtloads(Rtdata((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyR s(t__name__t __module__t__doc__RR (((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyR s t SessionStorecBs_eZd„Zd„Zed„Zdd„Zdd„Zd„Z d„Z e d„ƒZ RS( cCsTy)tj|jdtdtjddƒSWn$tjtfk rO|jƒnXiS(sÁ We load the data from the key itself instead of fetching from some external data store. Opposite of _get_session_key(), raises BadSignature if signature fails. t serializertmax_agetsalts/django.contrib.sessions.backends.signed_cookies( RR t session_keyRRtSESSION_COOKIE_AGEt BadSignaturet ValueErrortcreate(R((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pytloads  cCs t|_dS(s¡ To create a new key, we simply make sure that the modified flag is set so that the cookie is set on the client for the current request. N(tTruetmodified(R((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyR*scCs|jƒ|_t|_dS(s½ To save, we get the session key as a securely signed string and then set the modified flag so that the cookie is set on the client for the current request. N(t_get_session_keyt _session_keyRR(Rt must_create((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pytsave1scCstS(sµ This method makes sense when you're talking to a shared resource, but it doesn't matter when you're storing the information in the client's cookie. (tFalse(RR((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pytexists:scCsd|_i|_t|_dS(s To delete, we clear the session key and the underlying data structure and set the modified flag so that the cookie is set on the client for the current request. tN(Rt_session_cacheRR(RR((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pytdeleteBs  cCs|jƒdS(sÈ Keeps the same data but with a new key. To do this, we just have to call ``save()`` and it will automatically save a cookie with a new key at the end of the request. N(R(R((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyt cycle_keyLscCs1t|diƒ}tj|dtdddtƒS(sþ Most session backends don't need to override this method, but we do, because instead of generating a random string, we want to actually generate a secure url-safe Base64-encoded string of data as our session key. R"tcompressRs/django.contrib.sessions.backends.signed_cookiesR(tgetattrRRRR(Rt session_cache((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyRTscCsdS(N((tcls((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyt clear_expired`sN( R R RRRRtNoneR R#R$Rt classmethodR)(((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyRs     ( tdjango.utils.six.movesRRt ImportErrort django.confRt django.coreRt%django.contrib.sessions.backends.baseRtobjectRR(((sH../Django//lib/python/django/contrib/sessions/backends/signed_cookies.pyts