2016-10-28 18:25:52 +00:00
|
|
|
from hashlib import sha224
|
|
|
|
|
|
|
|
from django.conf import settings as django_settings
|
|
|
|
from django.utils.deprecation import MiddlewareMixin
|
|
|
|
|
|
|
|
|
|
|
|
class SessionManagementMiddleware(MiddlewareMixin):
|
|
|
|
"""
|
|
|
|
Maintain a `op_browser_state` cookie along with the `sessionid` cookie that
|
|
|
|
represents the End-User's login state at the OP. If the user is not logged
|
|
|
|
in then use `SECRET_KEY` value.
|
|
|
|
"""
|
|
|
|
|
|
|
|
def process_response(self, request, response):
|
2016-11-04 18:40:35 +00:00
|
|
|
session_state = sha224((request.session.session_key or django_settings.SECRET_KEY).encode('utf-8')).hexdigest()
|
2016-10-28 18:25:52 +00:00
|
|
|
response.set_cookie('op_browser_state', session_state)
|
|
|
|
return response
|