Merge pull request aio-libs#13 from AlexKovalevych/fix-session-invalidate

asvetlov · asvetlov · commit 06cf5ceacc46 · 2015-06-22T13:48:05.000+03:00
return empty dict at cookie storage to be able to invalidate the session
diff --git a/aiohttp_session/cookie_storage.py b/aiohttp_session/cookie_storage.py
@@ -40,6 +40,8 @@ def load_session(self, request):
 
     @asyncio.coroutine
     def save_session(self, request, response, session):
+        if not session._mapping:
+            return self.save_cookie(response, session._mapping)
         cookie_data = json.dumps(session._mapping).encode('utf-8')
         if len(cookie_data) % AES.block_size != 0:
             # padding with spaces to full blocks
diff --git a/tests/test_encrypted_cookie_storage.py b/tests/test_encrypted_cookie_storage.py
@@ -162,8 +162,8 @@ def go():
                 loop=self.loop)
             self.assertEqual(200, resp.status)
             morsel = resp.cookies['AIOHTTP_SESSION']
-            self.assertEqual({}, self.decrypt(morsel.value))
-            self.assertTrue(morsel['httponly'])
+            self.assertEqual('', morsel.value)
+            self.assertFalse(morsel['httponly'])
             self.assertEqual(morsel['path'], '/')
 
         self.loop.run_until_complete(go())
