|
Ryan Kaskel
ryan at ryankaskel.com
Thu May 10 20:57:06 EDT 2007
John Raines wrote: > > *Syntax of the Set-Cookie HTTP Response Header* > > This is the format a CGI script would use to add to the HTTP headers a > new piece of data which is to be stored by the client for later retrieval. > Set-Cookie: /NAME/=/VALUE/; expires=/DATE/; > path=/PATH/; domain=/DOMAIN_NAME/; secure > /NAME/=/VALUE/ > This string is a sequence of characters excluding semi-colon, comma > and white space. If there is a need to place such data in the name or > value, some encoding method such as URL style %XX encoding is > recommended, though no encoding is defined or required. > This is the only required attribute on the *Set-Cookie* header. > > *expires*=/DATE/ > The *expires* attribute specifies a date string that defines the valid > life time of that cookie. Once the expiration date has been reached, > the cookie will no longer be stored or given out. > The date string is formatted as: > Wdy, DD-Mon-YYYY HH:MM:SS GMT > This is based on RFC 822 <http://ds.internic.net/rfc/rfc822.txt>, RFC > 850 <http://ds.internic.net/rfc/rfc850.txt>, RFC 1036 > <http://www.w3.org/hypertext/WWW/Protocols/rfc1036/rfc1036.html#z6>, > and RFC 1123 <http://ds1.internic.net/rfc/rfc1123.txt>, with the > variations that the only legal time zone is *GMT* and the separators > between the elements of the date must be dashes. > > *expires* is an optional attribute. If not specified, the cookie will > expire when the user's session ends. > > > So if you don't specify, the cookie disappears when the browser quits. > Not sure if you looked at what I did but I found the reason anyway. If I change the code to this: value = {'user': req.form['user'], 'passw': req.form['pass']} c = Cookie.MarshalCookie('example1', value, 'example') c.expires=time.time() + 3000 Cookie.add_cookie(req,c) It works. After looking at the Cookie.py source, it seems that that set_expires is only called when expires is used as an instance attribute and not here: *def* *__init__*(self, name, value, **kw): *""" This constructor takes at least a name and value as the arguments, as well as optionally any of allowed cookie attributes as defined in the existing cookie standards. """* self.name, self.value = name, value *for* k *in* kw: setattr(self, k.lower(), kw[k]) # set_expires not called here when k == 'expires'? /# subclasses can use this for internal stuff / self.__data__ = {} Anyway, not sure if what I'm saying is correct but the example given in the docs (pass expires as an argument): c = Cookie.Cookie('spam', 'eggs', expires=time.time()+300) Cookie.add_cookie(req, c) didn't work (albeit using the MarshalCookie class instead) but it did work when I used c.expires. Ryan > > On May 10, 2007, at 1:39 PM, Ryan Kaskel wrote: > >> I am trying to fiddle around with AJAX but before I can get to that >> part I need to make a little test login system will automatically log >> the user in if a cookie is found. The problem is when I close the >> browser the cookie is deleted. Everything else should work (when I >> click the logout button I am still staying logged in because it found >> the cookie). Does it have something to do with my browser or an >> attribute I am not setting when I create the cookie. >> >> Thanks, >> Ryan >> >> below is the code: >> >> import time >> from mod_python import util >> from mod_python import Session, Cookie >> >> username = "test" >> password = "pass" >> >> main_page2 = """ >> <html> >> <head> >> <title>Main</title> >> </head> >> <body> >> Welcome! >> <p> <a href=\"./logout\">Logout</a> </p> >> </body> >> </html> >> """ >> >> login_page = """ >> <html> >> <head> >> <title>Login</title> >> </head> >> <body> >> <h1>Please login</h1> >> <form action=\"./login\" method=\"POST\"> >> Username <input type=\"text\" name=\"user\"/> <br/> >> Password <input type=\"text\" name=\"pass\"/> <br/> >> Remember me? <input type=\"checkbox\" name=\"remember\"/> <br/> >> <button type=\"submit\">Login</button> >> </form> >> </body> >> </html> >> """ >> def main(req): >> req.content_type = 'text/html' >> main_page = main_page2 >> session = Session.Session(req) >> cookies = Cookie.get_cookies(req, Cookie.MarshalCookie, >> secret="example") >> if cookies.has_key('example1'): >> cookie = cookies['example1'] >> if type(cookie) is Cookie.MarshalCookie: >> data = cookie.value >> main_page = data['user'] + " " + data['passw'] + main_page >> session['valid'] = 'true' >> session.save() >> else: >> if session.is_new(): >> util.redirect(req,'./login') >> if session['valid'] != 'true': >> util.redirect(req,'./login') >> req.write(main_page) >> >> def login(req): >> req.content_type = "text/html" >> if req.method == 'POST': >> if req.form['user'] == username and req.form['pass'] == password: >> session = Session.Session(req) >> session['valid'] = 'true' >> session.save() >> if req.form.has_key('remember') and req.form['remember']: >> value = {'user': req.form['user'], 'passw': >> req.form['pass']} >> Cookie.add_cookie(req, >> Cookie.MarshalCookie('example1', value,'example'), >> expires=time.time() + 3000000) >> util.redirect(req,'./main') >> else: >> req.write("bad credentials") >> else: >> req.write(str(Cookie.get_cookies(req, Cookie.MarshalCookie, >> secret='example'))) >> req.write(login_page) >> >> def logout(req): >> req.content_type = "text/html" >> session = Session.Session(req) >> if session.has_key('valid'): >> session.delete() >> util.redirect(req,'./main') >> >> _______________________________________________ >> Mod_python mailing list >> Mod_python at modpython.org <mailto:Mod_python at modpython.org> >> http://mailman.modpython.org/mailman/listinfo/mod_python >
|