|
@ -23,10 +23,14 @@ class LoggedInHintCookieMiddleware(object): |
|
|
if hasattr(settings, 'LOGGED_IN_HINT_COOKIE_NAME'): |
|
|
if hasattr(settings, 'LOGGED_IN_HINT_COOKIE_NAME'): |
|
|
self.cookie_name = settings.LOGGED_IN_HINT_COOKIE_NAME |
|
|
self.cookie_name = settings.LOGGED_IN_HINT_COOKIE_NAME |
|
|
else: self.cookie_name = 'logged_in_hint' |
|
|
else: self.cookie_name = 'logged_in_hint' |
|
|
|
|
|
self.cookie_value = 'True' |
|
|
|
|
|
|
|
|
|
|
|
def cookie_correct(self, request): |
|
|
|
|
|
return self.cookie_name in request.COOKIES and request.COOKIES[self.cookie_name] == self.cookie_value |
|
|
|
|
|
|
|
|
def process_request(self, request): |
|
|
def process_request(self, request): |
|
|
if not request.is_secure(): |
|
|
if not request.is_secure(): |
|
|
if self.cookie_name in request.COOKIES and request.COOKIES[self.cookie_name] == 'True': |
|
|
if self.cookie_correct(request): |
|
|
# redirect insecure (assuming http) requests with hint cookie to https |
|
|
# redirect insecure (assuming http) requests with hint cookie to https |
|
|
url = HttpRequest.build_absolute_uri() |
|
|
url = HttpRequest.build_absolute_uri() |
|
|
assert url[:5] == 'http:' |
|
|
assert url[:5] == 'http:' |
|
@ -35,10 +39,11 @@ class LoggedInHintCookieMiddleware(object): |
|
|
|
|
|
|
|
|
def process_response(self, request, response): |
|
|
def process_response(self, request, response): |
|
|
if request.is_secure(): |
|
|
if request.is_secure(): |
|
|
# assuming full session info (as the conn. is secure), update hint |
|
|
# assuming full session info (as the conn. is secure) |
|
|
if request.user.is_authenticated(): |
|
|
if request.user.is_authenticated(): |
|
|
|
|
|
if not self.cookie_correct(request): |
|
|
expiry = None if request.session.get_expire_at_browser_close() else request.session.get_expiry_date() |
|
|
expiry = None if request.session.get_expire_at_browser_close() else request.session.get_expiry_date() |
|
|
response.set_cookie(self.cookie_name, value='True', expires=expiry, secure=False) |
|
|
response.set_cookie(self.cookie_name, value=self.cookie_value, expires=expiry, secure=False) |
|
|
else: |
|
|
else: |
|
|
if self.cookie_name in request.COOKIES: |
|
|
if self.cookie_name in request.COOKIES: |
|
|
response.delete_cookie(self.cookie_name) |
|
|
response.delete_cookie(self.cookie_name) |
|
|