refactoring cookie age as a function not a constant

core/utils.py

@@ -46,6 +46,7 @@ TROG = {"pagecache": {"expedition": {}}, "caves": {"gcavelookup": {}, "gcavecoun
 alphabet = []
 sha = hashlib.new('sha256')
 COOKIE_MAX_AGE = 2*365*24*60*60 # seconds
+COOKIE_SHORT_TIMEOUT = 60*60 # seconds
 throw = 35.0
 
 EXPOSERVER = "expo" # hostname of the server at expo.survex.com
@@ -76,6 +77,11 @@ except:
     # Opening of file for writing is going to fail currently, so decide it doesn't matter for now
     pass
 
+def get_cookie_max_age():
+    """This is where we detect whether the machine the user is using is a shared-use device or a personbal device.
+    If it is shared-use, then we set a much shorter cookie timout period.
+    """
+    return COOKIE_MAX_AGE
 
 def sanitize_name(name):
     """Filenames sould not contain these characters as then the system barf when it tries to use them in URLs

core/views/cave_kataster.py

@@ -9,7 +9,6 @@ from django.shortcuts import redirect, render
 import troggle.settings as settings
 #from troggle.core.models.caves import Entrance, Cave
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
     WriteAndCommitError,
     current_expo,
     get_cookie,

core/views/caves.py

@@ -21,7 +21,7 @@ from troggle.core.models.caves import Cave, CaveAndEntrance, Entrance, GetCaveLo
 from troggle.core.models.logbooks import QM
 from troggle.core.models.wallets import Wallet
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
+    get_cookie_max_age,
     WriteAndCommitError,
     current_expo,
     get_editor, 
@@ -547,7 +547,7 @@ def edit_cave(request, path="", slug=None):
                 edit_response = HttpResponseRedirect("/" + cave.url)
             else:
                 edit_response = HttpResponseRedirect(reverse("newentrance", args = [cave.url_parent(), cave.slug()])) 
-            edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+            edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
 
             try:
                 cave_file = cave.file_output()
@@ -777,7 +777,7 @@ def edit_entrance(request, path="", caveslug=None, entslug=None):
             try:
                 write_and_commit([entrance_file, cave_file], f"Online edit of entrance {entrance.slug}", editor)
                 edit_response = HttpResponseRedirect("/" + cave.url)
-                edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+                edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
                 return edit_response
             except Exception as e:
                 efilepath, econtent, eencoding = entrance_file

core/views/editor_helpers.py

@@ -16,7 +16,8 @@ from django.conf import settings as django_settings
 from PIL import Image
 
 import troggle.settings as settings
-from troggle.core.utils import ( COOKIE_MAX_AGE, 
+from troggle.core.utils import ( 
+    get_cookie_max_age, 
     WriteAndCommitError, get_editor, 
     git_string, 
     write_binary_file, write_and_commit, write_files,
@@ -409,7 +410,7 @@ def new_image_form(request, path):
             )
             save_original_in_expofiles(f, year, form.cleaned_data["photographer"], host, image_rel_path, referer)
             j_response = JsonResponse({"html": html_snippet})
-            j_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # does NOT seem to work updating who_are_you cookie
+            j_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # does NOT work updating who_are_you cookie - because it is JsonResponse not HttpResponse.
             return j_response
     else:
         # print(f"new_image_form():  not POST ")

core/views/expo.py

@@ -14,7 +14,7 @@ import troggle.core.views.caves
 import troggle.settings as settings
 from troggle.core.models.caves import Cave
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
+    get_cookie_max_age,
     WriteAndCommitError,
     current_expo,
     git_string, 
@@ -493,8 +493,8 @@ def editexpopage(request, path):
 
             if not filefound or result != html:  # Check if content changed at all
                 edit_response = HttpResponseRedirect(reverse("expopage", args=[path]))  # Redirect after POST
-                edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+                edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
-                print(f"Cookie set: {editor} for {COOKIE_MAX_AGE/(24*3600)} days")
+                print(f"Cookie set: {editor} for {get_cookie_max_age()/(3600)} hour(s)")
                 try:
                     change_message = pageform.cleaned_data["change_message"]
                     write_and_commit([(filepath, result, "utf-8")], f"{change_message} - online edit of {path}", editor)
@@ -610,7 +610,7 @@ def edittxtpage(request, path, filepath):
                 savepath = "/" + path
                 print(f"redirect {savepath}")
                 response = redirect(savepath) # Redirect after POST
-                response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+                response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
                 return response  
                 
             else:

core/views/logbook_edit.py

@@ -13,7 +13,7 @@ from troggle.core.models.logbooks import LogbookEntry, PersonLogEntry, writelogb
 from troggle.core.models.survex import DrawingFile
 from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
+    get_cookie_max_age,
     add_commit,
     alphabet_suffix,
     current_expo,
@@ -344,7 +344,7 @@ def logbookedit(request, year=None, slug=None):
             # error settings e.g dateflag and authroflag so the user gets no feedback about bad data entered.
             # so we need to pass the flags explicitly in the url and then extract them from the request in the GET bit. sigh.
             response = HttpResponseRedirect(f"/logbookedit/{slug}?dateflag={dateflag}&authorflag={authorflag}")
-            response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+            response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
             return response
             
             # Do the redirect instead of this:

core/views/other.py

@@ -11,7 +11,7 @@ from troggle.core.models.logbooks import LogbookEntry, writelogbook  # , PersonL
 
 # from databaseReset import reinit_db # don't do this. databaseRest runs code *at import time*
 from troggle.core.models.troggle import Expedition
-from troggle.core.utils import current_expo, COOKIE_MAX_AGE
+from troggle.core.utils import current_expo, COOKIE_SHORT_TIMEOUT
 from troggle.parsers.imports import (
     import_caves,
     import_drawingsfiles,
@@ -38,9 +38,11 @@ todo = """
 
 def public_laptop(request):
     """Just sets a cookie. Visit this web page from Crowley, Anathema, Aziraphale, Pulsifer etc.
+    
+    This hack to be replaced in due course by a proper call from a user saying whether they are using a shared machine or not.
     """
-    response = HttpResponse("Cookie has been set on this machine, which now defines it as a public laptop. So login cookie lifetimes will now be short.")
+    response = HttpResponse(f"Cookie has been set on this machine, which now defines it as a public laptop. So the login cookie lifetimes will now be short:{COOKIE_SHORT_TIMEOUT/(60*60)} hour(s)")
-    response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_MAX_AGE)  # Cookie expires in 1 hour
+    response.set_cookie("public_laptop", "this is a public laptop", max_age=COOKIE_SHORT_TIMEOUT)  # Cookie expires in 1 hour
     return response
 
 def todos(request, module):

core/views/signup.py

@@ -12,7 +12,6 @@ from troggle.core.models.troggle import DataIssue, Person, PersonExpedition
 from troggle.core.models.logbooks import Expedition
 from troggle.core.views.editor_helpers import HTMLarea
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
     WriteAndCommitError,
     add_commit,
     current_expo,

core/views/survex.py

@@ -18,7 +18,7 @@ from troggle.core.models.logbooks import LogbookEntry
 from troggle.core.models.survex import SurvexBlock, SurvexFile  #, SurvexDirectory
 from troggle.core.models.wallets import Wallet
 from troggle.core.utils import (
-    COOKIE_MAX_AGE, 
+    get_cookie_max_age, 
     add_commit, 
     current_expo, 
     get_editor, 
@@ -441,8 +441,8 @@ def svx(request, survex_file):
     else:
         edit_response = render(request, "svxfile.html", vmap)
         
-    edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+    edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
-    print(f"Cookie reset: {editor} for another {COOKIE_MAX_AGE/3600} hours")
+    print(f"Cookie reset: {editor} for another {get_cookie_max_age()/3600} hour(s)")
 
     return edit_response
 

core/views/uploads.py

@@ -12,7 +12,7 @@ from troggle.core.models.caves import GetCaveLookup
 from troggle.core.models.survex import DrawingFile
 from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
+    get_cookie_max_age,
     alphabet_suffix,
     current_expo,
     get_editor,
@@ -755,5 +755,5 @@ def dwgupload(request, folder=None, gitdisable="no"):
             "who_are_you": editor,
         },
     )
-    response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+    response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
     return response

core/views/wallets_edit.py

@@ -20,7 +20,7 @@ from troggle.core.models.survex import SurvexBlock, SurvexFile, SurvexPersonRole
 from troggle.core.models.troggle import DataIssue, Expedition
 from troggle.core.models.wallets import YEAR_RANGE, Wallet, make_valid_date
 from troggle.core.utils import (
-    COOKIE_MAX_AGE,
+    get_cookie_max_age,
     WriteAndCommitError,
     add_commit,
     current_expo,
@@ -978,6 +978,6 @@ def walletedit(request, path=None):
                 "freetextsize": str(max(60, len(str(freetext)))),
             },
         )
-    edit_response.set_cookie('editor_id', editor, max_age=COOKIE_MAX_AGE) # cookie expires after COOKIE_MAX_AGE seconds
+    edit_response.set_cookie('editor_id', editor, max_age=get_cookie_max_age()) # cookie expires after get_cookie_max_age() seconds
     return edit_response