add login option: stay_logged_in

As proposed in issue #354; it adds an attribute max_age
to mediagoblin.tools.session.Session  that is passed to
response.set_cookie;  max_age is set to 30  days if the
checkbox is selected

3 files changed, 6 insertions, 1 deletions

diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index 1cff8dcc..d276a074 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -88,6 +88,8 @@ def login(request):
 
             if user:
                 # set up login in session
+                if login_form.stay_logged_in.data:
+                    request.session.max_age = 30 * 24 * 60 * 60
                 request.session['user_id'] = unicode(user.id)
                 request.session.save()
 
diff --git a/mediagoblin/plugins/basic_auth/forms.py b/mediagoblin/plugins/basic_auth/forms.py
index 72d99dff..0793f5f4 100644
--- a/mediagoblin/plugins/basic_auth/forms.py
+++ b/mediagoblin/plugins/basic_auth/forms.py
@@ -41,3 +41,5 @@ class LoginForm(wtforms.Form):
          normalize_user_or_email_field()])
     password = wtforms.PasswordField(
         _('Password'))
+    stay_logged_in = wtforms.BooleanField(
+        _('Stay logged in'))
diff --git a/mediagoblin/tools/session.py b/mediagoblin/tools/session.py
index fdc32523..ccf96443 100644
--- a/mediagoblin/tools/session.py
+++ b/mediagoblin/tools/session.py
@@ -24,6 +24,7 @@ _log = logging.getLogger(__name__)
 class Session(dict):
     def __init__(self, *args, **kwargs):
         self.send_new_cookie = False
+        self.max_age = None
         dict.__init__(self, *args, **kwargs)
 
     def save(self):
@@ -65,4 +66,4 @@ class SessionManager(object):
             response.delete_cookie(self.cookie_name)
         else:
             response.set_cookie(self.cookie_name, self.signer.dumps(session),
-                httponly=True)
+                max_age=session.max_age, httponly=True)