I'm trying to store a persistent cookie with SimpleCookie, so that I'm doing something like:
def add_cookie(self, name, value, expiry = None):
self.cookies[name] = value
if expiry is not None:
self.cookies[name]['expires'] = expiry
print(self.cookies[name].OutputString())
Output of print:
remember_me=blabla; expires=Sun, 02 Jul 2017 13:30:57 GMT
Of course then it's passed to wsgiref.simple_server's start_response function, with something like
(Set-Cookie, cookie['remember_me'].OutputString())
and the cookie is created on browser/client side, however expiry time is not updating.
Any idea how to set the correct expiry time and make persistent cookie instead of session cookie?
Thanks.
Issue solved, the described method is fine, I was just rewriting the expiry next time automatically, and that's why expiry disappeared always.
Related
After receiving idToken from Google and verified, I noticed its exp: 1623186214 is always set to 1970 which will always expire itself. For example var when=new Date(1623186214); resulting Mon Jan 19 1970 10:53:06 GMT-0800 (Pacific Standard Time).
How to address it? Thank you in advance.
Okay, the exp is in seconds since midnight 01 January 1970 GMT.
So the correct way to check expiration is
var d=new Date('1970-01-01T00:00:00Z'); // 1970-01-01 GMT
d.setUTCSeconds(1623259934); // the value of 'exp', note use UTC not setSeconds().
Now it's Wed Jun 09 2021 10:32:14 GMT-0700 (Pacific Daylight Time), one hour after log in.
However, some better ways to validate it:
use Google's public endpoint
use Google's client library google-auth-library
Details on Authenticate with a backend server
JWT timestamp in seconds, but Javascript Date requiring milliseconds. But both JWT and Javascript Date constructor use the idea “since the epoch”. So just multiple exp by 1000.
new Date(exp * 1000)

Is there any way to change the expiration of a Parse session token to something other than 1 year or no-expiry?
Ideally I'd like to change the expiry to something like 14 days.
My users could create some objects that have specific time and search them by query for specific startTime and endTime.
My question is how should I store these objects in my database (MongoDB)? Should I store them in UTC or with specific timezone that relates to user that create object?
Use UTC date format, and convert all data to UTC: when create, update, delete objects or filter them. Use one UTC time zone helps you avoid a lot of problems, and simplify you code.
example
> var now = new Date();
> Mon May 26 2014 10:55:34 GMT+0300 (Kaliningrad Standard Time)
> now.toUTCString();
> Mon, 26 May 2014 07:55:34 GMT
> new Date(now.toUTCString())
> Mon May 26 2014 10:55:34 GMT+0300 (Kaliningrad Standard Time)
When you create a new Javascript date object and assign it to a Mongo date field, it will automatically be usable with any timezone. If all you need is the current time, you can just use new Date(). But if you need to take a string and have it be interpreted in a specific timezone, or you are going to be presenting a time to a user in a specific timezone, I highly recommend checking out Moment Timezone.
This code will take a date object stored in a Mongo model (which could be 1AM on January 1, 2014 in Sydney, Australia) and present it formatted to a Los Angeles timezone (which would still be December 31, 2013).
collection.find({_id: 123}, function(err, model) {
userDate = moment(model.date).tz("America/Los_Angeles").format("MM/DD/YYYY");
});
And if you ever need to parse a string that doesn't specify a UTC offset as a specific timezone, you can use the constructor:
moment.tz("2013-11-18 11:55", "America/Toronto")
I am using Apache Shiro in my webapp.
I store some parameters in the session notably the primary key of an object stored in the database.
When the user logs in, I load the object from the database and save the primary key in the session. Then within the app the user can edit the object's data and either hit a cancel or a save button.
Both buttons triggers a RPC that gets the updated data to the server. The object is then updated in the database using the primary key stored in the session.
If the user remains active in the app (making some RPCs) everything works fine. But if he stays inactive for 3 min and subsequently makes a RPC then Shiro's securityUtils.getSubject().getSession() returns null.
The session timeout is set to 1,200,000 ms (20 min) so I don't think this is the issue.
When I go through the sessions stored in the cache of my session manager I can see the user's session org.apache.shiro.session.mgt.SimpleSession,id=6de78f10-b58e-496c-b40a-e2a9a4ad069c but when I try to get the session ID from the cookie and to call SecurityUtils.getSecurityManager().getSession(key) to get the session (where key is a SessionKey implementation): I get an exception.
When I try building a new subject from the session ID I lose all the attributes saved in the session.
I am happy to post some code to help resolve the issue but I tried so many workarounds that I don't know where to start... So please let me know what you need.
Alternatively if someone knows a better documented framework than Shiro I am all ears (Shiro's lack of documentation makes it really too time consuming)
The issue was related to the session config in the ini file. As usual with shiro the order mattered and some of my lines were out of place.
Below is the config that worked for me:
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
#sessionDAO.activeSessionsCacheName = dropship-activeSessionCache
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionDAO = $sessionDAO
# cookie for single sign on
cookie = org.apache.shiro.web.servlet.SimpleCookie
cookie.name = www.foo.com.session
cookie.path = /
sessionManager.sessionIdCookie = $cookie
# 1,800,000 milliseconds = 30 mins
sessionManager.globalSessionTimeout = 1800000
sessionValidationScheduler =
org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
sessionValidationScheduler.interval = 1800000
sessionManager.sessionValidationScheduler = $sessionValidationScheduler
securityManager.sessionManager = $sessionManager
cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
securityManager.cacheManager = $cacheManager
It sounds as if you have sorted out your problem already. As you discovered, the main thing to keep in mind with the Shiro INI file is that order matters; the file is parsed in order, which can actually be useful for constructing objects used in the configuration.
Since you mentioned Shiro's lack of documentation, I wanted to go ahead and point out two tutorials that I found helpful when starting:
http://www.javacodegeeks.com/2012/05/apache-shiro-part-1-basics.html
and
http://www.ibm.com/developerworks/web/library/wa-apacheshiro/.
There are quite a few other blog posts that provide good information to supplement the official documentation if you look around.
Good luck!
I have a Windows Service that runs on my
Texas origin Server Central Time.
This will check for all active reminders and compares the reminder time that user wants and send out reminder if it matches with user required time.
Scenarios
User is from EST
User set up a reminder for *1:25 PM * using UI via my website
On submit, my C# business logic converts this time to UTC before storing in my database. That will become '18:25:00'
My Business logic will pull all Active reminders from DB
And checks for reminder time if current UTC time and Reminder setup time diffrence is less then 5 mins, then it will send notification to that customer.
this is how my logic written
DateTime CurrentDate = DateTime.Now.ToUniversalTime();
TimeSpan currentTime = DateTime.Now.ToUniversalTime().TimeOfDay;
if (Reminder.DailyReminders.Any(x => currentTime.Subtract(x.ReminderTime).TotalMinutes < 5
&& currentTime.Subtract(x.ReminderTime).TotalMinutes > 0))
{
if (Reminder.ReminderMedhodID.Equals(1))
_email.ComposeEmail(Reminder);
}
My Problem is
*currentTime* is always 1 hour behind to user requested reminder time SO my reminders are going out 1 hour late.
Note : currentTime is from below
TimeSpan currentTime = DateTime.Now.ToUniversalTime().TimeOfDay;
I am not sure if this is the best way to handle this requirement. considering this is one of the way, can any on help how to fix this issue?
Thanks to peter's answer
Can any one help me how to take user input time with Daylight consideration
This what i have so far
public TimeSpan ConvertToUTCTime(string dateStr)
{
DateTime localDateTime = DateTime.Parse(dateStr); // Local .NET timeZone.
DateTime utcDateTime = localDateTime.ToUniversalTime();
string clTimeZoneKey = TimeZone.CurrentTimeZone.StandardName;
TimeZoneInfo clTimeZone = TimeZoneInfo.FindSystemTimeZoneById(clTimeZoneKey);
DateTime clDateTime = TimeZoneInfo.ConvertTimeFromUtc(utcDateTime, clTimeZone);
if (clTimeZone.IsDaylightSavingTime(localDateTime))
{
// Get DayLight local time in UTC
// Yet to be implemented
}
return clDateTime.TimeOfDay;
}
I got this worked using this
http://msdn.microsoft.com/en-us/library/system.globalization.daylighttime.aspx
Ummm...we are currently using Daylight Saving Time in most of the U.S. (though there are some portions of Indiana that did/do use EST?) Since EDT is one hour ahead of EST, your logic is correct. It is the input (EST) that is incorrect.