Merge pull request #814 from circulon/feature/cookie_encrypt_opt_out

opt-out of encrypt for a cookie

src/masonite/cookies/Cookie.py

@@ -9,6 +9,7 @@ def __init__(
         timezone=None,
         secure=False,
         samesite="Strict",
+        encrypt=True,
     ):
         self.name = name
         self.value = value
@@ -18,6 +19,7 @@ def __init__(
         self.timezone = timezone
         self.samesite = samesite
         self.path = path
+        self.encrypt = encrypt
 
     def render(self):
         response = f"{self.name}={self.value};"

src/masonite/middleware/route/EncryptCookies.py

@@ -4,6 +4,9 @@
 class EncryptCookies:
     def before(self, request, response):
         for _, cookie in request.cookie_jar.all().items():
+            if not cookie.encrypt:
+                continue
+
             try:
                 cookie.value = request.app.make("sign").unsign(cookie.value)
             except InvalidToken:
@@ -13,6 +16,9 @@ def before(self, request, response):
 
     def after(self, request, response):
         for _, cookie in response.cookie_jar.all().items():
+            if not cookie.encrypt:
+                continue
+
             try:
                 cookie.value = request.app.make("sign").sign(cookie.value)
             except InvalidToken:

tests/core/middleware/test_encrypt_cookies.py

@@ -15,3 +15,16 @@ def test_encrypts_cookies(self):
         response.cookie("test", "value")
         EncryptCookies().after(request, response)
         self.assertNotEqual(response.cookie("test"), "value")
+
+    def test_encrypt_cookies_opt_out(self):
+        request = self.make_request(
+            {"HTTP_COOKIE": f"test_key=test value"}
+        )
+
+        response = self.make_response()
+        EncryptCookies().before(request, None)
+        self.assertEqual(request.cookie("test_key", encrypt=False), "test value")
+
+        response.cookie("test", "value")
+        EncryptCookies().after(request, response)
+        self.assertNotEqual(response.cookie("test_key", encrypt=False), "test value")