1 import os

     2 import tempfile

     3 from django.conf import settings

     4 from django.contrib.sessions.backends.base import SessionBase

     5 from django.core.exceptions import SuspiciousOperation, ImproperlyConfigured

     6 

     7 class SessionStore(SessionBase):

     8     """

     9     Implements a file based session store.

    10     """

    11     def __init__(self, session_key=None):

    12         self.storage_path = getattr(settings, "SESSION_FILE_PATH", None)

    13         if not self.storage_path:

    14             self.storage_path = tempfile.gettempdir()

    15 

    16         # Make sure the storage path is valid.

    17         if not os.path.isdir(self.storage_path):

    18             raise ImproperlyConfigured("The session storage path %r doesn't exist. "\

    19                                        "Please set your SESSION_FILE_PATH setting "\

    20                                        "to an existing directory in which Django "\

    21                                        "can store session data." % self.storage_path)

    22 

    23         self.file_prefix = settings.SESSION_COOKIE_NAME

    24         super(SessionStore, self).__init__(session_key)

    25 

    26     def _key_to_file(self, session_key=None):

    27         """

    28         Get the file associated with this session key.

    29         """

    30         if session_key is None:

    31             session_key = self.session_key

    32 

    33         # Make sure we're not vulnerable to directory traversal. Session keys

    34         # should always be md5s, so they should never contain directory components.

    35         if os.path.sep in session_key:

    36             raise SuspiciousOperation("Invalid characters (directory components) in session key")

    37 

    38         return os.path.join(self.storage_path, self.file_prefix + session_key)

    39 

    40     def load(self):

    41         session_data = {}

    42         try:

    43             session_file = open(self._key_to_file(), "rb")

    44             try:

    45                 try:

    46                     session_data = self.decode(session_file.read())

    47                 except(EOFError, SuspiciousOperation):

    48                     self._session_key = self._get_new_session_key()

    49                     self._session_cache = {}

    50                     self.save()

    51                     # Ensure the user is notified via a new cookie.

    52                     self.modified = True

    53             finally:

    54                 session_file.close()

    55         except(IOError):

    56             pass

    57         return session_data

    58 

    59     def save(self):

    60         try:

    61             f = open(self._key_to_file(self.session_key), "wb")

    62             try:

    63                 f.write(self.encode(self._session))

    64             finally:

    65                 f.close()

    66         except(IOError, EOFError):

    67             pass

    68 

    69     def exists(self, session_key):

    70         if os.path.exists(self._key_to_file(session_key)):

    71             return True

    72         return False

    73 

    74     def delete(self, session_key):

    75         try:

    76             os.unlink(self._key_to_file(session_key))

    77         except OSError:

    78             pass

    79 

    80     def clean(self):

    81         pass