(
self, app: Flask, session: SessionMixin, response: Response
)
| 335 | return self.session_class() |
| 336 | |
| 337 | def save_session( |
| 338 | self, app: Flask, session: SessionMixin, response: Response |
| 339 | ) -> None: |
| 340 | name = self.get_cookie_name(app) |
| 341 | domain = self.get_cookie_domain(app) |
| 342 | path = self.get_cookie_path(app) |
| 343 | secure = self.get_cookie_secure(app) |
| 344 | partitioned = self.get_cookie_partitioned(app) |
| 345 | samesite = self.get_cookie_samesite(app) |
| 346 | httponly = self.get_cookie_httponly(app) |
| 347 | |
| 348 | class="cm"># Add a class="st">"Vary: Cookie" header if the session was accessed at all. |
| 349 | if session.accessed: |
| 350 | response.vary.add(class="st">"Cookie") |
| 351 | |
| 352 | class="cm"># If the session is modified to be empty, remove the cookie. |
| 353 | class="cm"># If the session is empty, return without setting the cookie. |
| 354 | if not session: |
| 355 | if session.modified: |
| 356 | response.delete_cookie( |
| 357 | name, |
| 358 | domain=domain, |
| 359 | path=path, |
| 360 | secure=secure, |
| 361 | partitioned=partitioned, |
| 362 | samesite=samesite, |
| 363 | httponly=httponly, |
| 364 | ) |
| 365 | response.vary.add(class="st">"Cookie") |
| 366 | |
| 367 | return |
| 368 | |
| 369 | if not self.should_set_cookie(app, session): |
| 370 | return |
| 371 | |
| 372 | expires = self.get_expiration_time(app, session) |
| 373 | val = self.get_signing_serializer(app).dumps(dict(session)) class="cm"># type: ignore[union-attr] |
| 374 | response.set_cookie( |
| 375 | name, |
| 376 | val, |
| 377 | expires=expires, |
| 378 | httponly=httponly, |
| 379 | domain=domain, |
| 380 | path=path, |
| 381 | secure=secure, |
| 382 | partitioned=partitioned, |
| 383 | samesite=samesite, |
| 384 | ) |
| 385 | response.vary.add(class="st">"Cookie") |
nothing calls this directly
no test coverage detected