CODE REVIEW

Another, much shorter, code sample.

Timeout usually contains relative time. I would probably rename it to "expiration_time"
datetim seems undefined, but hell knows.
DB query is too long, and could be split to multiple lines.

python. every sample of code in the show is from github.com/webpy/webpy/blob/master/web/session.py

Code reviews only work when the language isn't a cluster fuck of bizarre idioms.

criticizers in this thread BTFO

> Can't into python
> There is no possibility others can understand this

My bad, urandom takes size, not seed as parameter.

Code review is a helpful process, that increases maintainability. It should not be considered personal.
It depends on the developer, if he accepts it or not

Wtf kind of dumb person names an variable self???

What's the purpose of naming them with "_" before the name?

it indicates its private in python

its not true private though you can still access it, you're just not supposed to

...

it's a keyword not variable fuckwit

Sounds dumb. Why doesn't python just build private functions into it's spec?

Well, the double underscore is the true private function, so he already did. I would argue if it was readable.

fucking kill youself, and learn something on the way

>japanese comments
>_method_name()
6/10 at best.

No different from their music, really. They LOVE throwing in random english words/sentences into their music that only makes sense to a japanese. And programming languages may in many cases use english words, but that doesn't make you a fluent english speaker.

This is why the Japanese can't make a fucking website that doesn't look like it was designed in 1997.

>datetim

Why

>Python

>flat as a board
>mean drunk
>codes in Python
Why would anyone want anything to do with Kobayashi?

>httponly=httponly, secure=secu

I'm not aware of an httponly tag for cookies or secure, only of httpsonly, but either way httponly and secure together make no sense because http is inherently insecure, so enabling a secure flag would make it no longer httponly.

Lmao python
Self self self self self self self self

httpOnly: Cookie is managed by the browser and can't be read or used using Javascript. Especially useful for session cookies.
secure: Cookie is only sent over HTTPS or other encrypted channels, never over bare HTTP.

learn yourself a websec desu
developer.mozilla.org/docs/Web/HTTP/Cookies#Secure_and_HttpOnly_cookies

>either way httponly and secure together make no sense

HttpOnly means it cannot be read by JavaScript, making it a good choice as a defense-in-depth mechanism for limiting the impact of e.g., XSS.

It is entirely separate from "Secure" which mandates cookies should only be sent over HTTPs.

Having read The "now" in _generate_session_id is entirely useless.

Why is a detective koding?

thank god you don't have to use ; to end a line though.

You can name the instance parameter whatever you like. "pancake" or "this" is fine, although it violates PEP 8.
>Always use self for the first argument to instance methods.
>Always use cls for the first argument to class methods.
(Java uses even more retarded names like "clazz" here.)
>If a function argument's name clashes with a reserved keyword, it is generally better to append a single trailing underscore rather than use an abbreviation or spelling corruption. Thus class_ is better than clss.

why would anyone else handle session logic that can be handled by a framework?

Indentation is borked. It's inside a class with 2 spaces of indent (it seems), but the methods have 4 spaces (or a tab).

>using os.urandom()

anything like this will render the entire CPU cycle unusable until that bit finishes executing. better to run it on a separate thread

because he got inspired to get into it by karlie

ugly too

Fuck off; Don't talk shit about my kobayashi!

You know she's a lesbian, right?

and?

Python is inherently single threaded anyway, so why should it matter?

In any event, "secrets" or "SystemRandom" from the "random" module should probably be used instead.

You don't use python for optimal runtime.

unless you're a girl, thats the worst waifu.

>Python
No thank you, strong typing is a godsend

It's Python and no it doesn't. You can implement them just by defining variables
A = 0
B = 1
C = 2
etc.
But the language has no explicit support for them.

> I love creating degenerated interfaces for acyclic visitor patterns.
Python doesn't need this workaround

all python code is trash, you can't write good code in it because it straight up wont let you

Cute. Dictionary syntax backed by a database sounds super comfy

>because it straight up wont let you

Python has support for enumerated classes in the stdlib. docs.python.org/3/library/enum.html

>self.get

this is now a self.get thread

self.get

>not having access modifiers
kek
I'm sorry for you all, pythonists.
Guido can't into proper languages.

Thats not true private either. It invokes python name mangling algorithm. The final method will still be public but will have different name (consisting in adding trivial prefixes and more underscores).

Python looms like that!?!?

No wonder the language sucks so hard.

Enterprise/10

If they really wanted a realistic soul crushing Dev shop place it would have been an Enterprise Java Factory factory.

Nice catch. Props to them for using something real.

/thread
Python is a language for non-professional programmers and it shows in every part.

If that grinds your gear, wait until you meet Pythons JS-tier scoping rules.

see

m8 this is webpy.