File python-cookiesession.spec of Package python-cookiesession

# norootforbuild

Name:           python-cookiesession
Version:        0.1
Release:        1
Summary:        A secure way to hold Django session data in cookies
License:        Apache 2.0
Group:          Development/Libraries/Python
Source:         cookiesession-%{version}.tar.gz
URL:            http://opensource.washingtontimes.com/projects/cookiesession
BuildRequires:  python-devel, python-setuptools
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
Requires:       python-django
%{py_requires}
%if %{?suse_version: %{suse_version} > 1110} %{!?suse_version:1}
BuildArch: noarch
%endif


%description
This package contains a drop-in replacement middleware for
django.contrib.sessions.middleware.SessionMiddleware to store all session data in
a browser cookie instead of the database. The code is based on a snippet from Christopher Lenz.
To prevent user tampering the session dictionary goes through the following encoding steps:
  * The session dictionary is converted into json
  * A sha1 hash is made with the json and the site's SECRET_KEY
  * The json and sha1 hash are concatenated, gzipped and base64 encoded.

Upon decoding:
  * The cookie is base64 decoded and ungzipped
  * The data is split into the sha1 hash and the json data
  * The sha1 hash is regenerated from the received json data and the site's SECRET_KEY
  * If the hashes don't match, a SuspiciousOperation exception is raised. If the hashes match,
    the json data is converted into a python object and returned.

Author:
--------
    Justin Quick, The Washington Times <jquick@washingtontimes.com>


%prep
%setup -q -n cookiesession-%{version}


%build
%{__python} setup.py build


%install
%{__python} setup.py install --prefix=%{_prefix} --root=%{buildroot} --record-rpm=INSTALLED_FILES


%files -f INSTALLED_FILES
%defattr(-,root,root)
openSUSE Build Service is sponsored by