Session utility implemented using cookies.
cookieLifetime
(type:
FieldProperty
)
<zope.schema.fieldproperty.FieldProperty object at 0x41a8b9ec>
thirdparty
(type:
FieldProperty
)
<zope.schema.fieldproperty.FieldProperty object at 0x41a8b32c>
generateUniqueId()
Generate a new, random, unique id.
>>> bim = CookieClientIdManager() >>> id1 = bim.generateUniqueId() >>> id2 = bim.generateUniqueId() >>> id1 != id2 True
getClientId(request)
Get the client id
This creates one if necessary:
>>> from zope.publisher.http import HTTPRequest >>> request = HTTPRequest(StringIO(''), {}, None) >>> bim = CookieClientIdManager() >>> id = bim.getClientId(request) >>> id == bim.getClientId(request) True
The id is retained accross requests:
>>> request2 = HTTPRequest(StringIO(''), {}, None) >>> request2._cookies = dict( ... [(name, cookie['value']) ... for (name, cookie) in request.response._cookies.items() ... ]) >>> id == bim.getClientId(request2) True >>> bool(id) True
Note that the return value of this function is a string, not an IClientId. This is because this method is used to implement the IClientId Adapter.
>>> type(id) == type('') True
It's also possible to use third-party cookies. E.g. Apache mod_uid or Nginx ngx_http_userid_module are able to issue user tracking cookies in front of Zope. In case thirdparty is activated Zope may not set a cookie.
>>> bim.thirdparty = True >>> request3 = HTTPRequest(StringIO(''), {}, None) >>> bim.getClientId(request3) Traceback (most recent call last): ... MissingClientIdException >>> cookie = request3.response.getCookie(bim.namespace) >>> cookie is None True
getRequestId(request)
Return the browser id encoded in request as a string
Return None if an id is not set.
For example:
>>> from zope.publisher.http import HTTPRequest >>> request = HTTPRequest(StringIO(''), {}, None) >>> bim = CookieClientIdManager()
Because no cookie has been set, we get no id:
>>> bim.getRequestId(request) is None True
We can set an id:
>>> id1 = bim.generateUniqueId() >>> bim.setRequestId(request, id1)
And get it back:
>>> bim.getRequestId(request) == id1 True
When we set the request id, we also set a response cookie. We can simulate getting this cookie back in a subsequent request:
>>> request2 = HTTPRequest(StringIO(''), {}, None) >>> request2._cookies = dict( ... [(name, cookie['value']) ... for (name, cookie) in request.response._cookies.items() ... ])
And we get the same id back from the new request:
>>> bim.getRequestId(request) == bim.getRequestId(request2) True
If another server is managing the ClientId cookies (Apache, Nginx) we're returning their value without checking:
>>> bim.namespace = 'uid' >>> bim.thirdparty = True >>> request3 = HTTPRequest(StringIO(''), {}, None) >>> request3._cookies = {'uid': 'AQAAf0Y4gjgAAAQ3AwMEAg=='} >>> bim.getRequestId(request3) 'AQAAf0Y4gjgAAAQ3AwMEAg=='
setRequestId(request, id)
Set cookie with id on request.
This sets the response cookie:
See the examples in getRequestId.
Note that the id is checkec for validity. Setting an invalid value is silently ignored:
>>> from zope.publisher.http import HTTPRequest >>> request = HTTPRequest(StringIO(''), {}, None) >>> bim = CookieClientIdManager() >>> bim.getRequestId(request) >>> bim.setRequestId(request, 'invalid id') >>> bim.getRequestId(request)
For now, the cookie path is the application URL:
>>> cookie = request.response.getCookie(bim.namespace) >>> cookie['path'] == request.getApplicationURL(path_only=True) True
In the future, it should be the site containing the CookieClientIdManager
By default, session cookies don't expire:
>>> cookie.has_key('expires') False
Expiry time of 0 means never (well - close enough)
>>> bim.cookieLifetime = 0 >>> request = HTTPRequest(StringIO(''), {}, None) >>> bid = bim.getClientId(request) >>> cookie = request.response.getCookie(bim.namespace) >>> cookie['expires'] 'Tue, 19 Jan 2038 00:00:00 GMT'
A non-zero value means to expire after than number of seconds:
>>> bim.cookieLifetime = 3600 >>> request = HTTPRequest(StringIO(''), {}, None) >>> bid = bim.getClientId(request) >>> cookie = request.response.getCookie(bim.namespace) >>> import rfc822 >>> expires = time.mktime(rfc822.parsedate(cookie['expires'])) >>> expires > time.mktime(time.gmtime()) + 55*60 True
If another server in front of Zope (Apache, Nginx) is managing the cookies we won't set any ClientId cookies:
>>> request = HTTPRequest(StringIO(''), {}, None) >>> bim.thirdparty = True >>> bim.setRequestId(request, '1234') >>> cookie = request.response.getCookie(bim.namespace) >>> cookie
There are no known subclasses.