[Zope3-checkins] CVS: Zope3/src/zope/app/services - session.py:1.5

Steve Alexander steve@cat-box.net
Thu, 27 Feb 2003 03:12:02 -0500


Update of /cvs-repository/Zope3/src/zope/app/services
In directory cvs.zope.org:/tmp/cvs-serv1778/src/zope/app/services

Modified Files:
	session.py 
Log Message:
Added a method getCookie to IHTTPResponse.
I needed this to fix a bug in sessions, where if you asked for the session
more than once in the same request, it wouldn't realise that it had already
created a session for that request. This was because the sessions code
was only looking in the request for the relevant cookie. It needs to look
in the response and in the request.


=== Zope3/src/zope/app/services/session.py 1.4 => 1.5 ===
--- Zope3/src/zope/app/services/session.py:1.4	Thu Dec 26 14:13:09 2002
+++ Zope3/src/zope/app/services/session.py	Thu Feb 27 03:11:31 2003
@@ -63,7 +63,14 @@
     def getRequestId(self, request):
         """Return the sessionId encoded in request or None if it's
         non-existent."""
-        sid = request.cookies.get(self.namespace)
+        # If there is an id set on the response, use that but don't trust it.
+        # We need to check the response in case there has already been a new
+        # session created during the course of this request.
+        response_cookie = request.response.getCookie(self.namespace)
+        if response_cookie:
+            sid = response_cookie['value']
+        else:
+            sid = request.cookies.get(self.namespace)
         if sid is None or len(sid) != 54:
             return None
         s, mac = sid[:27], sid[27:]