MCPcopy
hub / github.com/pallets/flask / test_session_secret_key_fallbacks

Function test_session_secret_key_fallbacks

tests/test_basic.py:395–420  ·  view source on GitHub ↗
(app, client)

Source from the content-addressed store, hash-verified

393
394
395def test_session_secret_key_fallbacks(app, client) -> None:
396 @app.post("/")
397 def set_session() -> str:
398 flask.session["a"] = 1
399 return ""
400
401 @app.get("/")
402 def get_session() -> dict[str, t.Any]:
403 return dict(flask.session)
404
405 # Set session with initial secret key, and two valid expiring keys
406 app.secret_key, app.config["SECRET_KEY_FALLBACKS"] = (
407 "0 key",
408 ["-1 key", "-2 key"],
409 )
410 client.post()
411 assert client.get().json == {"a": 1}
412 # Change secret key, session can't be loaded and appears empty
413 app.secret_key = "? key"
414 assert client.get().json == {}
415 # Rotate the valid keys, session can be loaded
416 app.secret_key, app.config["SECRET_KEY_FALLBACKS"] = (
417 "+1 key",
418 ["0 key", "-1 key"],
419 )
420 assert client.get().json == {"a": 1}
421
422
423def test_session_expiration(app, client):

Callers

nothing calls this directly

Calls 2

postMethod · 0.45
getMethod · 0.45

Tested by

no test coverage detected