mirror of
https://github.com/Mailu/Mailu.git
synced 2025-05-27 22:57:38 +02:00
Merge #2103
2103: Fix issue 2102 (bug introduced in 2098) r=mergify[bot] a=Diman0 ## What type of PR? Bug-fix ## What does this PR do? The changes to session management introduced in #2094 #2098 introduced new bugs. This PR addresses these. ### Related issue(s) - Auto close an issue like: closes #2102 ## Prerequisites Before we can consider review and merge, please make sure the following list is done and checked. If an entry in not applicable, you can check it or remove it from the list. - [x] In case of feature or enhancement: documentation updated accordingly - [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
This commit is contained in:
commit
cd8479414e
@ -300,7 +300,7 @@ class MailuSessionConfig:
|
||||
# default size of session key parts
|
||||
uid_bits = 64 # default if SESSION_KEY_BITS is not set in config
|
||||
sid_bits = 128 # for now. must be multiple of 8!
|
||||
time_bits = 32 # for now. must be multiple of 8!
|
||||
time_bits = 32 # for now. must be multiple of 8!
|
||||
|
||||
def __init__(self, app=None):
|
||||
|
||||
@ -341,6 +341,9 @@ class MailuSessionConfig:
|
||||
def parse_key(self, key, app=None, now=None):
|
||||
""" Split key into sid, uid and creation time. """
|
||||
|
||||
if app is None:
|
||||
app = flask.current_app
|
||||
|
||||
if not (isinstance(key, bytes) and self._key_min <= len(key) <= self._key_max):
|
||||
return None
|
||||
|
||||
@ -357,7 +360,7 @@ class MailuSessionConfig:
|
||||
if now is None:
|
||||
now = int(time.time())
|
||||
created = int.from_bytes(created, byteorder='big')
|
||||
if not created <= now <= created + self.app.config['PERMANENT_SESSION_LIFETIME']:
|
||||
if not created <= now <= created + app.config['PERMANENT_SESSION_LIFETIME']:
|
||||
return None
|
||||
|
||||
return (uid, sid, crt)
|
||||
@ -422,8 +425,8 @@ class MailuSessionExtension:
|
||||
|
||||
count = 0
|
||||
for key in app.session_store.list():
|
||||
if key.startswith('token-'):
|
||||
if sessid := app.session_store.get(token):
|
||||
if key.startswith(b'token-'):
|
||||
if sessid := app.session_store.get(key):
|
||||
if not app.session_config.parse_key(sessid, app, now=now):
|
||||
app.session_store.delete(sessid)
|
||||
app.session_store.delete(key)
|
||||
@ -451,7 +454,7 @@ class MailuSessionExtension:
|
||||
|
||||
count = 0
|
||||
for key in app.session_store.list(prefix):
|
||||
if key not in keep and not key.startswith('token-'):
|
||||
if key not in keep and not key.startswith(b'token-'):
|
||||
app.session_store.delete(key)
|
||||
count += 1
|
||||
|
||||
|
1
towncrier/newsfragments/2102.fix
Normal file
1
towncrier/newsfragments/2102.fix
Normal file
@ -0,0 +1 @@
|
||||
Fix bug introduced by enhanced session management (PR #2098)
|
Loading…
x
Reference in New Issue
Block a user