get_cookie_name in SessionInterface for easier overriding in SecureCookieSessionInterface

2019-09-24 14:39:22 +03:00 · 2019-09-24 14:39:22 +03:00 · 0c0b31a789
commit 0c0b31a789
parent 4bceeccfff
3 changed files with 73 additions and 5 deletions
--- a/tests/test_reqctx.py
+++ b/tests/test_reqctx.py
@ -11,6 +11,7 @@
 import pytest

 import flask
+from flask.sessions import SecureCookieSessionInterface
 from flask.sessions import SessionInterface

 try:
@ -229,6 +230,58 @@ def test_session_error_pops_context():
    assert not flask.current_app


+def test_session_dynamic_cookie_name():
+
+    # This session interface will use a cookie with a different name if the
+    # requested url ends with the string "dynamic_cookie"
+    class PathAwareSessionInterface(SecureCookieSessionInterface):
+        def get_cookie_name(self, app):
+            if flask.request.url.endswith("dynamic_cookie"):
+                return "dynamic_cookie_name"
+            else:
+                return super(PathAwareSessionInterface, self).get_cookie_name(app)
+
+    class CustomFlask(flask.Flask):
+        session_interface = PathAwareSessionInterface()
+
+    app = CustomFlask(__name__)
+    app.secret_key = "secret_key"
+
+    @app.route("/set", methods=["POST"])
+    def set():
+        flask.session["value"] = flask.request.form["value"]
+        return "value set"
+
+    @app.route("/get")
+    def get():
+        v = flask.session.get("value", "None")
+        return v
+
+    @app.route("/set_dynamic_cookie", methods=["POST"])
+    def set_dynamic_cookie():
+        flask.session["value"] = flask.request.form["value"]
+        return "value set"
+
+    @app.route("/get_dynamic_cookie")
+    def get_dynamic_cookie():
+        v = flask.session.get("value", "None")
+        return v
+
+    test_client = app.test_client()
+
+    # first set the cookie in both /set urls but each with a different value
+    assert test_client.post("/set", data={"value": "42"}).data == b"value set"
+    assert (
+        test_client.post("/set_dynamic_cookie", data={"value": "616"}).data
+        == b"value set"
+    )
+
+    # now check that the relevant values come back - meaning that different
+    # cookies are being used for the urls that end with "dynamic cookie"
+    assert test_client.get("/get").data == b"42"
+    assert test_client.get("/get_dynamic_cookie").data == b"616"
+
+
 def test_bad_environ_raises_bad_request():
    app = flask.Flask(__name__)