Encode the session as a JWT for use in setting our own session cookie. Currently this just includes the session_id in order to avoid storing any sensitive information in the cookie.
(session: Session)
| 137 | |
| 138 | |
| 139 | def _encode_session_cookie(session: Session) -> str: |
| 140 | """ |
| 141 | Encode the session as a JWT for use in setting our own session cookie. |
| 142 | |
| 143 | Currently this just includes the session_id in order to avoid storing any |
| 144 | sensitive information in the cookie. |
| 145 | """ |
| 146 | session_id = str(session.session_id) |
| 147 | return jwt.encode({"session_id": session_id}, AUTH_COOKIE_SECRET, algorithm=AUTH_JWT_ALGO) |
| 148 | |
| 149 | |
| 150 | def _decode_session_cookie(cookie: str) -> Session | None: |
no test coverage detected
searching dependent graphs…