Added the APPLICATION_ROOT configuration variable which is used by session backends.

2011-08-25 12:13:55 +01:00 · 2011-08-25 12:13:55 +01:00 · c844d02f1c
commit c844d02f1c
parent 45d963d6da
5 changed files with 43 additions and 3 deletions
--- a/flask/sessions.py
+++ b/flask/sessions.py
@ -127,6 +127,13 @@ class SessionInterface(object):
            # chop of the port which is usually not supported by browsers
            return '.' + app.config['SERVER_NAME'].rsplit(':', 1)[0]

+    def get_cookie_path(self, app):
+        """Returns the path for which the cookie should be valid.  The
+        default implementation uses the value from the ``APPLICATION_ROOT``
+        configuration variable or uses ``/`` if it's `None`.
+        """
+        return app.config['APPLICATION_ROOT'] or '/'
+
    def get_expiration_time(self, app, session):
        """A helper method that returns an expiration date for the session
        or `None` if the session is linked to the browser session.  The
@ -169,9 +176,10 @@ class SecureCookieSessionInterface(SessionInterface):
    def save_session(self, app, session, response):
        expires = self.get_expiration_time(app, session)
        domain = self.get_cookie_domain(app)
+        path = self.get_cookie_path(app)
        if session.modified and not session:
-            response.delete_cookie(app.session_cookie_name,
+            response.delete_cookie(app.session_cookie_name, path=path,
                                   domain=domain)
        else:
-            session.save_cookie(response, app.session_cookie_name,
+            session.save_cookie(response, app.session_cookie_name, path=path,
                                expires=expires, httponly=True, domain=domain)