conditional renew sessions on login/logout

2013-09-12 16:31:41 -05:00
parent 809a004a60
commit be57c3ab5b
2 changed files with 8 additions and 4 deletions
--- a/2
+++ b/2
@@ -1 +1 @@
-Version 2.6.0-development+timestamp.2013.09.11.22.37.51
+Version 2.6.0-development+timestamp.2013.09.12.16.30.52
--- a/gluon/tools.py
+++ b/gluon/tools.py
@@ -921,7 +921,9 @@ class Auth(object):
        username_case_sensitive=True,
        update_fields = ['email'],
        ondelete="CASCADE",
-        client_side = True,
+        client_side = True, 
+        renew_session_onlogin=True,
+        renew_session_onlogout=True,
        keep_session_onlogin=True,
        keep_session_onlogout=False,
        wiki = Settings(),
@@ -1975,7 +1977,8 @@ class Auth(object):
            for key, value in user.items():
                if callable(value) or key=='password':
                    delattr(user,key)
-        current.session.renew(clear_session=not self.settings.keep_session_onlogin)
+        if self.settings.renew_session_onlogin:
+            current.session.renew(clear_session=not self.settings.keep_session_onlogin)
        current.session.auth = Storage(
            user = user,
            last_visit=current.request.now,
@@ -2412,7 +2415,8 @@ class Auth(object):

        current.session.auth = None
        current.session.flash = self.messages.logged_out
-        current.session.renew(clear_session=not self.settings.keep_session_onlogout)
+        if self.settings.renew_session_onlogout:
+            current.session.renew(clear_session=not self.settings.keep_session_onlogout)
        if not next is None:
            redirect(next)