[ { "path": ".editorconfig", "content": "root = true\n\n[*]\nindent_style = space\nindent_size = 4\nend_of_line = lf\ninsert_final_newline = true\ntrim_trailing_whitespace = true\n\n[*.{scss,sass}]\nindent_size = 2\n\n[*.{yml,yaml}]\nindent_size = 2\n\n[*.{js,ts}]\nindent_size = 2\n\n[*.json]\nindent_size = 2\n\n[Makefile]\nindent_style = tab\n" }, { "path": ".git-blame-ignore-revs", "content": "# black and isort on the codebase\n938a25cb45b672b65673053b3521d04f737e121a\n" }, { "path": ".github/actions/build-js/action.yml", "content": "---\n\nname: 'Build JS'\ndescription: 'Compile the TS source code'\n\ninputs:\n npm-package:\n description: Build NPM package\n required: false\n default: 'false'\n\n django-staticfiles:\n description: Bundle Django staticfiles\n required: false\n default: 'false'\n\nruns:\n using: 'composite'\n\n steps:\n\n - uses: actions/setup-node@v4\n with:\n node-version-file: 'js/.nvmrc'\n cache: npm\n cache-dependency-path: js/package-lock.json\n\n - name: Install dependencies\n run: npm ci\n shell: bash\n working-directory: js\n\n - name: Build NPM package\n if: ${{ inputs.npm-package == 'true' }}\n run: npm run build\n shell: bash\n working-directory: js\n\n - name: Build Django assets package\n if: ${{ inputs.django-staticfiles == 'true' }}\n run: npm run build:django-static\n shell: bash\n working-directory: js\n" }, { "path": ".github/workflows/ci.yml", "content": "name: Run CI\n\n# Run this workflow every time a new commit pushed to your repository\non:\n push:\n branches:\n - main\n tags:\n - '*'\n pull_request:\n workflow_dispatch:\n\njobs:\n build-js:\n runs-on: ubuntu-latest\n name: Compile the frontend code\n\n steps:\n - uses: actions/checkout@v4\n - uses: ./.github/actions/build-js\n with:\n npm-package: 'true'\n django-staticfiles: 'false'\n\n tests:\n runs-on: ubuntu-latest\n strategy:\n matrix:\n python: ['3.10', '3.11', '3.12', '3.13', '3.14']\n django: ['4.2', '5.2', '6.0']\n exclude:\n - python: '3.13'\n django: '4.2'\n - python: '3.14'\n django: '4.2'\n\n name: Run the test suite (Python ${{ matrix.python }}, Django ${{ matrix.django }})\n\n steps:\n - uses: actions/checkout@v4\n - uses: actions/setup-python@v5\n with:\n python-version: ${{ matrix.python }}\n\n - name: Install dependencies\n run: pip install tox tox-gh-actions\n\n - name: Run tests\n run: tox\n env:\n DJANGO: ${{ matrix.django }}\n\n - name: Publish coverage report\n uses: codecov/codecov-action@v5\n with:\n token: ${{ secrets.CODECOV_TOKEN }}\n directory: reports/\n\n e2e_tests:\n runs-on: ubuntu-latest\n name: Run the end-to-end tests\n\n steps:\n - uses: actions/checkout@v4\n - uses: actions/setup-python@v5\n with:\n python-version: '3.12'\n\n - uses: ./.github/actions/build-js\n with:\n npm-package: 'false'\n django-staticfiles: 'true'\n\n - name: Install dependencies\n run: |\n pip install tox tox-gh-actions pytest-playwright\n playwright install --with-deps chromium\n\n - name: Run tests\n run: tox -e e2e\n\n - name: Publish coverage report\n uses: codecov/codecov-action@v3\n with:\n directory: reports/\n\n\n publish:\n name: Publish packages to PyPI and NPM\n runs-on: ubuntu-latest\n needs:\n - tests\n - e2e_tests\n\n if: github.repository == 'django-commons/django-cookie-consent' && github.event_name == 'push' && startsWith(github.ref, 'refs/tags')\n\n environment:\n name: release\n url: https://pypi.org/project/django-cookie-consent/\n permissions:\n id-token: write\n contents: read\n\n steps:\n - uses: actions/checkout@v4\n - uses: actions/setup-python@v5\n with:\n python-version: '3.12'\n - uses: actions/setup-node@v4\n with:\n node-version-file: 'js/.nvmrc'\n cache: npm\n cache-dependency-path: js/package-lock.json\n registry-url: 'https://registry.npmjs.org'\n\n # Required to ensure the build artifacts are in the packages.\n - uses: ./.github/actions/build-js\n with:\n npm-package: 'true'\n django-staticfiles: 'true'\n\n - name: Build sdist and wheel\n run: |\n pip install build --upgrade\n python -m build\n\n # TODO: enable verified publishing!\n - name: Publish a Python distribution to PyPI\n uses: pypa/gh-action-pypi-publish@release/v1\n\n - name: Publish NPM package\n run: |\n version=$(echo \"${{ github.ref }}\" | sed -e 's,.*/\\(.*\\),\\1,')\n npm publish --new-version=\"$version\"\n working-directory: js\n env:\n NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}\n" }, { "path": ".github/workflows/code_quality.yml", "content": "name: Code quality checks\n\n# Run this workflow every time a new commit pushed to your repository\non:\n push:\n branches:\n - main\n tags:\n - '*'\n pull_request:\n workflow_dispatch:\n\njobs:\n linting:\n name: Code-quality checks\n runs-on: ubuntu-latest\n strategy:\n matrix:\n toxenv:\n - ruff\n - docs\n steps:\n - uses: actions/checkout@v4\n - uses: actions/setup-python@v5\n with:\n python-version: '3.12'\n - name: Install dependencies\n run: pip install tox\n - run: tox\n env:\n TOXENV: ${{ matrix.toxenv }}\n FORCE_COLOR: '1'\n" }, { "path": ".gitignore", "content": "*.log\n*.pot\n*.pyc\nlocal_settings.py\nenv/\n\n# build artifacts\ndocs/_build\nbuild/\ndist/\n*.egg-info/\n\n# editors\n.vscode\n.history\n.sonarlint\n\n# tests and coverage\n.tox/\n.pytest_cache\n.coverage\nhtmlcov/\nreports/\ntestapp/*.db\n.hypothesis\n\n# frontend tooling / builds\njs/node_modules/\njs/lib/\ncookie_consent/static/cookie_consent/cookiebar.module.*\n" }, { "path": ".pre-commit-config.yaml", "content": "repos:\n - repo: https://github.com/pre-commit/pre-commit-hooks\n rev: v5.0.0\n hooks:\n - id: check-merge-conflict\n\n - repo: https://github.com/adamchainz/django-upgrade\n rev: 1.29.1\n hooks:\n - id: django-upgrade\n" }, { "path": ".readthedocs.yaml", "content": "# .readthedocs.yaml\n# Read the Docs configuration file\n# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details\n\nversion: 2\n\nsphinx:\n configuration: docs/conf.py\n\nbuild:\n os: 'ubuntu-22.04'\n tools:\n python: '3.10'\n\npython:\n install:\n - method: pip\n path: .\n extra_requirements:\n - docs\n" }, { "path": "AUTHORS", "content": "The django-cookie-consent was created by Bojan Mihelac (bmihelac).\n\n\nThe following is a list of much appreciated contributors:\n\n* Jonathan L Herr (JonHerr)\n* Jasper Koops (Jasper-Koops)\n* Fernando Cordeiro (MrCordeiro)\n* Mejans\n* Sergei Maertens (sergei-maertens)\n* Abdullah Alahdal (alahdal)\n* some1ataplace\n* binoyudayan\n* adilhussain540\n* Johanan Oppong Amoateng (JohananOppongAmoateng)\n" }, { "path": "CODE_OF_CONDUCT.md", "content": "# Code of Conduct\n\nThe django-cookie-consent project utilizes the [Django Commons Code of Conduct](https://github.com/django-commons/membership/blob/main/CODE_OF_CONDUCT.md).\n" }, { "path": "CONTRIBUTING.rst", "content": "By contributing you agree to abide by the\n`Contributor Code of Conduct `_.\n\nHow can you contribute?\n=======================\n\nContributions in all forms are welcome, not only code patches. You can contribute by:\n\n* reporting bugs/issues\n* triaging reported issues\n* improving the documentation\n* suggesting enhancements\n\nOf course, if you report a bug or have a feature request, a pull request implementing\nthe fix or feature is much appreciated.\n\nContributing code\n-----------------\n\nIf you decide to submit a patch or implement a feature, please adhere to the quality\nchecks:\n\n* Pull requests must be accompanied by tests. We use ``pytest`` and prefer using this\n testing style over Django's ``django.test.TestCase``.\n* Ideally, documentation updates are included in a pull request.\n* Code formatting and linting is done with ``ruff``. There are tox environments and CI\n checks in place to check/enforce this.\n* Follow Django's code style where possible.\n* Keep commits atomic - one commit should only concern one topic. Bugfixes typically\n have one commit for the regression test and one commit with the fix.\n\nSetting up the project for local development\n--------------------------------------------\n\nAfter checking out the project (through ``git clone``), it's advised to set up a\nvirtualenv with the lowest supported python and Django version.\n\nYou can then install the project with all the dev-tools:\n\n.. code-block:: bash\n\n pip install -e .[tests,docs,release]\n\nSome frontend tooling is needed too:\n\n* NodeJS (for the version, see ``.nvmrc``, you can use ``nvm``)\n\n.. code-block:: bash\n\n cd js\n nvm use\n npm install\n npm run build:django-static\n npm run build # optional, but a nice check\n\n**Running the testapp as dev environment**\n\nIn Django project's, you are typically expecting a ``manage.py`` file. This is less\ncommon in libraries, but it's fairly straightforward to emulate this:\n\n.. code-block:: bash\n\n export DJANGO_SETTINGS_MODULE=testapp.settings PYTHONPATH=.\n\n django-admin migrate\n django-admin createsuperuser\n django-admin runserver\n\nYou can now start working on your contribution!\n\n**Running the tests**\n\nRun the tests locally using ``tox`` to verify everything is okay:\n\n.. code-block:: bash\n\n tox\n\nCheat sheet\n-----------\n\nThis cheat sheet provides some quick tooling/commands lookup while working on the\nproject.\n\n**Running tests**\n\nIn your current environment\n\n.. code-block:: bash\n\n pytest\n\nor to build the full test matrix\n\n.. code-block:: bash\n\n tox\n\n**Formatting the code for check-in**\n\n.. code-block:: bash\n\n ruff format .\n ruff check --fix .\n\nShould be sufficient. Consider using a pre-commit hook to automate this.\n\n**Building the docs**\n\n.. code-block:: bash\n\n cd docs\n make html\n\nYou can now open the file ``_build/html/index.html`` in your browser.\n\n**Generating message catalogs**\n\n.. code-block:: bash\n\n export DJANGO_SETTINGS_MODULE=testapp.settings\n cd cookie_consent\n django-admin makemessages --all\n cd ..\n\nAfter translating the message, you need to compile the message catalogs:\n\n.. code-block:: bash\n\n django-admin compilemessages\n\n**Bumping the version/releasing**\n\nAfter updating changelogs etc.\n\n.. code-block:: bash\n\n bump-my-version bump major|minor|patch\n bump-my-version bump pre_l\n git commit -am \":bookmark: Bump to version \"\n git tag -s X.Y.Z\n git push origin main --tags\n" }, { "path": "LICENSE", "content": "Copyright (c) Bojan Mihelac and individual contributors.\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without modification,\nare permitted provided that the following conditions are met:\n\n 1. Redistributions of source code must retain the above copyright notice, \n this list of conditions and the following disclaimer.\n \n 2. Redistributions in binary form must reproduce the above copyright \n notice, this list of conditions and the following disclaimer in the\n documentation and/or other materials provided with the distribution.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND\nANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED\nWARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR\nANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\nLOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON\nANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS\nSOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" }, { "path": "MANIFEST.in", "content": "include LICENSE\ninclude AUTHORS\ninclude README.md\ninclude cookie_consent/py.typed\nrecursive-include cookie_consent/templates *\nrecursive-include cookie_consent/static *\nrecursive-include cookie_consent/fixtures *\n" }, { "path": "README.md", "content": "Django cookie consent\n=====================\n\nManage cookie information and let visitors give or reject consent for them.\n\n![License](https://img.shields.io/pypi/l/django-cookie-consent)\n[![Build status][badge:GithubActions:CI]][GithubActions:CI]\n[![Code Quality][badge:GithubActions:CQ]][GithubActions:CQ]\n[![Code style: ruff][badge:ruff]][ruff]\n[![Test coverage][badge:codecov]][codecov]\n[![Documentation][badge:docs]][docs]\n\n![Supported python versions](https://img.shields.io/pypi/pyversions/django-cookie-consent)\n![Supported Django versions](https://img.shields.io/pypi/djversions/django-cookie-consent)\n[![PyPI version][badge:pypi]][pypi]\n[![NPM version][badge:npm]][npm]\n\n**Features**\n\n* cookies and cookie groups are stored in models for easy management\n through Django admin interface\n* support for both opt-in and opt-out cookie consent schemes\n* removing declined cookies (or non accepted when opt-in scheme is used)\n* logging user actions when they accept and decline various cookies\n* easy adding new cookies and seamlessly re-asking for consent for new cookies\n\nDocumentation\n-------------\n\nThe documentation is hosted on [readthedocs][docs] and contains all instructions\nto get started.\n\nAlternatively, if the documentation is not available, you can consult or build the docs\nfrom the `docs` directory in this repository.\n\n[GithubActions:CI]: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Run+CI%22\n[badge:GithubActions:CI]: https://github.com/django-commons/django-cookie-consent/workflows/Run%20CI/badge.svg\n[GithubActions:CQ]: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Code+quality+checks%22\n[badge:GithubActions:CQ]: https://github.com/django-commons/django-cookie-consent/workflows/Code%20quality%20checks/badge.svg\n[ruff]: https://github.com/astral-sh/ruff\n[badge:ruff]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json\n[codecov]: https://codecov.io/gh/django-commons/django-cookie-consent\n[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/main/graph/badge.svg\n[docs]: https://django-cookie-consent.readthedocs.io/en/latest/?badge=latest\n[badge:docs]: https://readthedocs.org/projects/django-cookie-consent/badge/?version=latest\n[pypi]: https://pypi.org/project/django-cookie-consent/\n[badge:pypi]: https://img.shields.io/pypi/v/django-cookie-consent.svg\n[npm]: https://www.npmjs.com/package/django-cookie-consent\n[badge:npm]: https://img.shields.io/npm/v/django-cookie-consent\n" }, { "path": "__init__.py", "content": "" }, { "path": "cookie_consent/__init__.py", "content": "__version__ = \"1.0.0\"\n" }, { "path": "cookie_consent/admin.py", "content": "from django.contrib import admin\nfrom django.db.models import Count\nfrom django.http.request import HttpRequest\nfrom django.templatetags.l10n import localize\nfrom django.templatetags.static import static\nfrom django.utils.html import format_html\nfrom django.utils.translation import gettext_lazy as _\n\nfrom .conf import settings\nfrom .models import Cookie, CookieGroup, LogItem\n\n\n@admin.register(Cookie)\nclass CookieAdmin(admin.ModelAdmin):\n list_display = (\"varname\", \"name\", \"cookiegroup\", \"path\", \"domain\", \"get_version\")\n search_fields = (\"name\", \"domain\", \"cookiegroup__varname\", \"cookiegroup__name\")\n readonly_fields = (\"varname\",)\n list_filter = (\"cookiegroup\",)\n\n\n@admin.register(CookieGroup)\nclass CookieGroupAdmin(admin.ModelAdmin):\n list_display = (\n \"varname\",\n \"name\",\n \"is_required\",\n \"is_deletable\",\n \"num_cookies\",\n \"get_version\",\n )\n search_fields = (\n \"varname\",\n \"name\",\n )\n list_filter = (\n \"is_required\",\n \"is_deletable\",\n )\n\n def get_queryset(self, request: HttpRequest):\n qs = super().get_queryset(request)\n return qs.annotate(num_cookies=Count(\"cookie\"))\n\n @admin.display(ordering=\"num_cookies\", description=_(\"# cookies\"))\n def num_cookies(self, obj: CookieGroup):\n if (count := obj.num_cookies) > 0:\n return localize(count)\n\n return format_html(\n '{count} \"{alt}\"',\n count=localize(count),\n src=static(\"admin/img/icon-alert.svg\"),\n alt=_(\"Warning icon for missing cookies in cookie group.\"),\n )\n\n\nclass LogItemAdmin(admin.ModelAdmin):\n list_display = (\"action\", \"cookiegroup\", \"version\", \"created\")\n list_filter = (\"action\", \"cookiegroup\")\n readonly_fields = (\"action\", \"cookiegroup\", \"version\", \"created\")\n date_hierarchy = \"created\"\n\n\nif settings.COOKIE_CONSENT_LOG_ENABLED:\n admin.site.register(LogItem, LogItemAdmin)\n" }, { "path": "cookie_consent/apps.py", "content": "from django.apps import AppConfig\nfrom django.utils.translation import gettext_lazy as _\n\n\nclass CookieConsentConf(AppConfig):\n name = \"cookie_consent\"\n verbose_name = _(\"cookie consent\")\n default_auto_field = \"django.db.models.AutoField\"\n" }, { "path": "cookie_consent/cache.py", "content": "from collections.abc import Mapping\n\nfrom django.core.cache import caches\n\nfrom .conf import settings\nfrom .models import Cookie, CookieGroup\n\nCACHE_KEY = \"cookie_consent_cache\"\nCACHE_TIMEOUT = 60 * 60 # 60 minutes\n\n\ndef _get_cache():\n \"\"\"\n Lazily wrap around django.core.cache.\n\n This prevents the cache object to be resolved at import-time, which breaks the\n `django.test.override_settings` functionality for projects adding tests for this\n package, see https://github.com/bmihelac/django-cookie-consent/issues/41.\n \"\"\"\n return caches[settings.COOKIE_CONSENT_CACHE_BACKEND]\n\n\ndef delete_cache() -> None:\n cache = _get_cache()\n cache.delete(CACHE_KEY)\n\n\ndef _get_cookie_groups_from_db() -> Mapping[str, CookieGroup]:\n qs = CookieGroup.objects.filter(is_required=False).prefetch_related(\"cookie_set\")\n return qs.in_bulk(field_name=\"varname\")\n\n\ndef all_cookie_groups() -> Mapping[str, CookieGroup]:\n \"\"\"\n Get all cookie groups that are optional.\n\n Reads from the cache where possible, sets the value in the cache if there's a\n cache miss.\n \"\"\"\n cache = _get_cache()\n result = cache.get_or_set(\n CACHE_KEY, _get_cookie_groups_from_db, timeout=CACHE_TIMEOUT\n )\n assert result is not None\n return result\n\n\ndef get_cookie_group(varname: str) -> CookieGroup | None:\n return all_cookie_groups().get(varname)\n\n\ndef get_cookie(cookie_group: CookieGroup, name: str, domain: str) -> Cookie | None:\n # loop over cookie set relation instead of doing a lookup query, as this should\n # come from the cache and avoid hitting the database\n for cookie in cookie_group.cookie_set.all():\n if cookie.name == name and cookie.domain == domain:\n return cookie\n return None\n" }, { "path": "cookie_consent/conf.py", "content": "from typing import Literal\n\nfrom django.conf import settings\nfrom django.urls import reverse_lazy\nfrom django.utils.functional import Promise\n\nfrom appconf import AppConf\n\n__all__ = [\"settings\"]\n\n\nclass CookieConsentConf(AppConf):\n # django-cookie-consent cookie settings that store the configuration\n NAME: str = \"cookie_consent\"\n # TODO: rename to AGE for parity with django settings\n MAX_AGE: int = 60 * 60 * 24 * 365 * 1 # 1 year,\n DOMAIN: str | None = None\n SECURE: bool = False\n HTTPONLY: bool = True\n SAMESITE: Literal[\"Strict\", \"Lax\", \"None\", False] = \"Lax\"\n\n DECLINE: str = \"-1\"\n\n ENABLED: bool = True\n\n OPT_OUT: bool = False\n\n CACHE_BACKEND: str = \"default\"\n\n LOG_ENABLED: bool = True\n \"\"\"\n DeprecationWarning: in future versions the default may switch to log disabled.\n \"\"\"\n\n SUCCESS_URL: str | Promise = reverse_lazy(\"cookie_consent_cookie_group_list\")\n" }, { "path": "cookie_consent/fixtures/common_cookies.json", "content": "[{\"pk\": 1, \"model\": \"cookie_consent.cookiegroup\", \"fields\": {\"is_deletable\": false, \"name\": \"Required cookies\", \"created\": \"2013-06-03T12:54:15.809\", \"ordering\": 0, \"varname\": \"required\", \"is_required\": true, \"description\": \"This cookies are required for website.\"}}, {\"pk\": 2, \"model\": \"cookie_consent.cookiegroup\", \"fields\": {\"is_deletable\": true, \"name\": \"Google Analytics\", \"created\": \"2013-06-03T12:58:11.616\", \"ordering\": 0, \"varname\": \"analytics\", \"is_required\": false, \"description\": \"These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where vistors have come to the site from and the pages they visited.\"}}, {\"pk\": 3, \"model\": \"cookie_consent.cookiegroup\", \"fields\": {\"is_deletable\": true, \"name\": \"Social media\", \"created\": \"2013-06-04T03:16:45.089\", \"ordering\": 0, \"varname\": \"social\", \"is_required\": false, \"description\": \"Facebook, Twitter and other social websites need to know who you are to work properly.\"}}, {\"pk\": 1, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \"\", \"name\": \"_utma\", \"created\": \"2013-06-03T12:59:03.467\", \"cookiegroup\": 2, \"path\": \"/\", \"description\": null}}, {\"pk\": 2, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \"\", \"name\": \"_utmb\", \"created\": \"2013-06-03T12:59:36.710\", \"cookiegroup\": 2, \"path\": \"/\", \"description\": null}}, {\"pk\": 3, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \"\", \"name\": \"_utmc\", \"created\": \"2013-06-03T12:59:45.074\", \"cookiegroup\": 2, \"path\": \"/\", \"description\": null}}, {\"pk\": 4, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \"\", \"name\": \"_utmz\", \"created\": \"2013-06-03T12:59:55.465\", \"cookiegroup\": 2, \"path\": \"/\", \"description\": null}}, {\"pk\": 5, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \"\", \"name\": \"sessionid\", \"created\": \"2013-06-03T13:00:15.592\", \"cookiegroup\": 1, \"path\": \"/\", \"description\": null}}, {\"pk\": 6, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \"\", \"name\": \"csrftoken\", \"created\": \"2013-06-03T13:00:49.878\", \"cookiegroup\": 1, \"path\": \"/\", \"description\": null}}, {\"pk\": 7, \"model\": \"cookie_consent.cookie\", \"fields\": {\"domain\": \".facebook.com\", \"name\": \"*\", \"created\": \"2013-06-04T03:17:01.421\", \"cookiegroup\": 3, \"path\": \"/\", \"description\": \"This cookies are used by Facebook to allow sharing content. \"}}]" }, { "path": "cookie_consent/forms.py", "content": "from collections.abc import Collection, Iterator\n\nfrom django import forms\nfrom django.utils.translation import gettext_lazy as _\n\nfrom .cache import all_cookie_groups\nfrom .models import CookieGroup\n\n\ndef iter_cookie_group_choices() -> Iterator[tuple[str, str]]:\n \"\"\"\n Use the cached cookie group instances to get a list of choices.\n \"\"\"\n for varname, cookie_group in all_cookie_groups().items():\n yield varname, cookie_group.name\n\n\nclass CookieGroupsChoiceField(forms.TypedMultipleChoiceField):\n def __init__(self, **kwargs):\n kwargs[\"coerce\"] = self._coerce_choice\n kwargs[\"choices\"] = iter_cookie_group_choices\n super().__init__(**kwargs)\n\n def _coerce_choice(self, varname: str) -> CookieGroup:\n all_groups = all_cookie_groups()\n return all_groups[varname]\n\n\nclass ProcessCookiesForm(forms.Form):\n all_groups = forms.BooleanField(\n label=_(\"Apply to all cookie groups\"),\n required=False,\n )\n cookie_groups = CookieGroupsChoiceField(\n label=_(\"Cookie group varnames\"),\n choices=iter_cookie_group_choices,\n required=False,\n )\n\n def get_cookie_groups(self) -> Collection[CookieGroup]:\n \"\"\"\n Build the collection of specified cookies.\n \"\"\"\n match self.cleaned_data:\n case {\"all_groups\": True}:\n return all_cookie_groups().values()\n case {\"cookie_groups\": [*groups]}:\n return groups\n case _:\n return []\n" }, { "path": "cookie_consent/locale/en/LC_MESSAGES/django.po", "content": "# SOME DESCRIPTIVE TITLE.\n# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER\n# This file is distributed under the same license as the PACKAGE package.\n# FIRST AUTHOR , YEAR.\n#\n#, fuzzy\nmsgid \"\"\nmsgstr \"\"\n\"Project-Id-Version: PACKAGE VERSION\\n\"\n\"Report-Msgid-Bugs-To: \\n\"\n\"POT-Creation-Date: 2013-06-09 10:12+0200\\n\"\n\"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\\n\"\n\"Last-Translator: FULL NAME \\n\"\n\"Language-Team: LANGUAGE \\n\"\n\"Language: \\n\"\n\"MIME-Version: 1.0\\n\"\n\"Content-Type: text/plain; charset=UTF-8\\n\"\n\"Content-Transfer-Encoding: 8bit\\n\"\n\n#: models.py:16\nmsgid \"\"\n\"Enter a valid 'varname' consisting of letters, numbers, underscores or \"\n\"hyphens.\"\nmsgstr \"\"\n\n#: models.py:23\nmsgid \"Variable name\"\nmsgstr \"\"\n\n#: models.py:26 models.py:66\nmsgid \"Name\"\nmsgstr \"\"\n\n#: models.py:27 models.py:67\nmsgid \"Description\"\nmsgstr \"\"\n\n#: models.py:29\nmsgid \"Is required\"\nmsgstr \"\"\n\n#: models.py:30\nmsgid \"Are cookies in this group required.\"\nmsgstr \"\"\n\n#: models.py:33\nmsgid \"Is deletable?\"\nmsgstr \"\"\n\n#: models.py:34\nmsgid \"Can cookies in this group be deleted.\"\nmsgstr \"\"\n\n#: models.py:36\nmsgid \"Ordering\"\nmsgstr \"\"\n\n#: models.py:37 models.py:70 models.py:106\nmsgid \"Created\"\nmsgstr \"\"\n\n#: models.py:40\nmsgid \"Cookie Group\"\nmsgstr \"\"\n\n#: models.py:41\nmsgid \"Cookie Groups\"\nmsgstr \"\"\n\n#: models.py:68\nmsgid \"Path\"\nmsgstr \"\"\n\n#: models.py:69\nmsgid \"Domain\"\nmsgstr \"\"\n\n#: models.py:73\nmsgid \"Cookie\"\nmsgstr \"\"\n\n#: models.py:74\nmsgid \"Cookies\"\nmsgstr \"\"\n\n#: models.py:95 templates/cookie_consent/_cookie_group.html:22\nmsgid \"Declined\"\nmsgstr \"\"\n\n#: models.py:96 templates/cookie_consent/_cookie_group.html:13\nmsgid \"Accepted\"\nmsgstr \"\"\n\n#: models.py:101\nmsgid \"Action\"\nmsgstr \"\"\n\n#: models.py:105\nmsgid \"Version\"\nmsgstr \"\"\n\n#: models.py:109\nmsgid \"Log item\"\nmsgstr \"\"\n\n#: models.py:110\nmsgid \"Log items\"\nmsgstr \"\"\n\n#: templates/cookie_consent/_cookie_group.html:17\nmsgid \"Accept\"\nmsgstr \"\"\n\n#: templates/cookie_consent/_cookie_group.html:26\nmsgid \"Decline\"\nmsgstr \"\"\n" }, { "path": "cookie_consent/locale/nl/LC_MESSAGES/django.po", "content": "# SOME DESCRIPTIVE TITLE.\n# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER\n# This file is distributed under the same license as the PACKAGE package.\n# FIRST AUTHOR , YEAR.\n#\n#, fuzzy\nmsgid \"\"\nmsgstr \"\"\n\"Project-Id-Version: 0.4.0\\n\"\n\"Report-Msgid-Bugs-To: \\n\"\n\"POT-Creation-Date: 2022-09-04 15:38-0500\\n\"\n\"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\\n\"\n\"Last-Translator: Sergei Maertens \\n\"\n\"Language-Team: LANGUAGE \\n\"\n\"Language: \\n\"\n\"MIME-Version: 1.0\\n\"\n\"Content-Type: text/plain; charset=UTF-8\\n\"\n\"Content-Transfer-Encoding: 8bit\\n\"\n\"Plural-Forms: nplurals=2; plural=(n != 1);\\n\"\n#: cookie_consent/models.py:14\nmsgid \"\"\n\"Enter a valid 'varname' consisting of letters, numbers, underscores or \"\n\"hyphens.\"\nmsgstr \"\"\n\"Geef een geldige 'variabelenaam' op die bestaat uit letters, getallen, liggende \"\n\"streepjes of koppeltekens.\"\n\n#: cookie_consent/models.py:23\nmsgid \"Variable name\"\nmsgstr \"Variabelenaam\"\n\n#: cookie_consent/models.py:25 cookie_consent/models.py:69\nmsgid \"Name\"\nmsgstr \"Naam\"\n\n#: cookie_consent/models.py:26 cookie_consent/models.py:70\nmsgid \"Description\"\nmsgstr \"Omschrijving\"\n\n#: cookie_consent/models.py:28\nmsgid \"Is required\"\nmsgstr \"Is verplicht\"\n\n#: cookie_consent/models.py:29\nmsgid \"Are cookies in this group required.\"\nmsgstr \"Of cookies in deze groep verplicht zijn.\"\n\n#: cookie_consent/models.py:33\nmsgid \"Is deletable?\"\nmsgstr \"Kan worden verwijderd?\"\n\n#: cookie_consent/models.py:34\nmsgid \"Can cookies in this group be deleted.\"\nmsgstr \"Of cookies in deze groep verwijderd kunnen worden.\"\n\n#: cookie_consent/models.py:37\nmsgid \"Ordering\"\nmsgstr \"Volgorde\"\n\n#: cookie_consent/models.py:38 cookie_consent/models.py:73\n#: cookie_consent/models.py:115\nmsgid \"Created\"\nmsgstr \"Aangemaakt\"\n\n#: cookie_consent/models.py:41\nmsgid \"Cookie Group\"\nmsgstr \"Cookiegroep\"\n\n#: cookie_consent/models.py:42\nmsgid \"Cookie Groups\"\nmsgstr \"Cookiegroepen\"\n\n#: cookie_consent/models.py:71\nmsgid \"Path\"\nmsgstr \"Pad\"\n\n#: cookie_consent/models.py:72\nmsgid \"Domain\"\nmsgstr \"Domein\"\n\n#: cookie_consent/models.py:76\nmsgid \"Cookie\"\nmsgstr \"Cookie\"\n\n#: cookie_consent/models.py:77\nmsgid \"Cookies\"\nmsgstr \"Cookies\"\n\n#: cookie_consent/models.py:102\n#: cookie_consent/templates/cookie_consent/_cookie_group.html:21\nmsgid \"Declined\"\nmsgstr \"Afgewezen\"\n\n#: cookie_consent/models.py:103\n#: cookie_consent/templates/cookie_consent/_cookie_group.html:12\nmsgid \"Accepted\"\nmsgstr \"Aanvaard\"\n\n#: cookie_consent/models.py:108\nmsgid \"Action\"\nmsgstr \"Actie\"\n\n#: cookie_consent/models.py:114\nmsgid \"Version\"\nmsgstr \"Versie\"\n\n#: cookie_consent/models.py:121\nmsgid \"Log item\"\nmsgstr \"Logitem\"\n\n#: cookie_consent/models.py:122\nmsgid \"Log items\"\nmsgstr \"Logitems\"\n\n#: cookie_consent/templates/cookie_consent/_cookie_group.html:16\nmsgid \"Accept\"\nmsgstr \"Aanvaarden\"\n\n#: cookie_consent/templates/cookie_consent/_cookie_group.html:25\nmsgid \"Decline\"\nmsgstr \"Weigeren\"\n" }, { "path": "cookie_consent/locale/oc/LC_MESSAGES/django.po", "content": "# SOME DESCRIPTIVE TITLE.\n# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER\n# This file is distributed under the same license as the PACKAGE package.\n# FIRST AUTHOR , YEAR.\n#\nmsgid \"\"\nmsgstr \"\"\n\"Project-Id-Version: \\n\"\n\"Report-Msgid-Bugs-To: \\n\"\n\"POT-Creation-Date: 2013-06-09 10:12+0200\\n\"\n\"PO-Revision-Date: 2021-07-22 21:55+0200\\n\"\n\"Language: oc\\n\"\n\"MIME-Version: 1.0\\n\"\n\"Content-Type: text/plain; charset=UTF-8\\n\"\n\"Content-Transfer-Encoding: 8bit\\n\"\n\"Last-Translator: Quentin PAGÈS\\n\"\n\"Language-Team: \\n\"\n\"X-Generator: Poedit 3.0\\n\"\n\"Plural-Forms: nplurals=2; plural=n > 1;\\n\"\n\n#: models.py:16\nmsgid \"\"\n\"Enter a valid 'varname' consisting of letters, numbers, underscores or \"\n\"hyphens.\"\nmsgstr \"\"\n\"Picatz un « varname » valid compausat de letras, nombres, jonhents \"\n\"basses e jonhents.\"\n\n#: models.py:23\nmsgid \"Variable name\"\nmsgstr \"Nom de la variabla\"\n\n#: models.py:26 models.py:66\nmsgid \"Name\"\nmsgstr \"Nom\"\n\n#: models.py:27 models.py:67\nmsgid \"Description\"\nmsgstr \"Descripcion\"\n\n#: models.py:29\nmsgid \"Is required\"\nmsgstr \"Es requesit\"\n\n#: models.py:30\nmsgid \"Are cookies in this group required.\"\nmsgstr \"Se los cookies d’aqueste grop son requesits.\"\n\n#: models.py:33\nmsgid \"Is deletable?\"\nmsgstr \"Se pòt suprimir ?\"\n\n#: models.py:34\nmsgid \"Can cookies in this group be deleted.\"\nmsgstr \"Se los cookies d’aqueste grop se pòdon suprimir.\"\n\n#: models.py:36\nmsgid \"Ordering\"\nmsgstr \"Òrdre\"\n\n#: models.py:37 models.py:70 models.py:106\nmsgid \"Created\"\nmsgstr \"Creat lo\"\n\n#: models.py:40\nmsgid \"Cookie Group\"\nmsgstr \"Grop de cookies\"\n\n#: models.py:41\nmsgid \"Cookie Groups\"\nmsgstr \"Grops de cookies\"\n\n#: models.py:68\nmsgid \"Path\"\nmsgstr \"Camin d'accès\"\n\n#: models.py:69\nmsgid \"Domain\"\nmsgstr \"Domeni\"\n\n#: models.py:73\nmsgid \"Cookie\"\nmsgstr \"Cookie\"\n\n#: models.py:74\nmsgid \"Cookies\"\nmsgstr \"Cookies\"\n\n#: models.py:95 templates/cookie_consent/_cookie_group.html:22\nmsgid \"Declined\"\nmsgstr \"Refusat\"\n\n#: models.py:96 templates/cookie_consent/_cookie_group.html:13\nmsgid \"Accepted\"\nmsgstr \"Acceptat\"\n\n#: models.py:101\nmsgid \"Action\"\nmsgstr \"Accion\"\n\n#: models.py:105\nmsgid \"Version\"\nmsgstr \"Version\"\n\n#: models.py:109\nmsgid \"Log item\"\nmsgstr \"Auditar element\"\n\n#: models.py:110\nmsgid \"Log items\"\nmsgstr \"Auditar element\"\n\n#: templates/cookie_consent/_cookie_group.html:17\nmsgid \"Accept\"\nmsgstr \"Acceptar\"\n\n#: templates/cookie_consent/_cookie_group.html:26\nmsgid \"Decline\"\nmsgstr \"Refusar\"\n" }, { "path": "cookie_consent/locale/pt_BR/LC_MESSAGES/django.po", "content": "# SOME DESCRIPTIVE TITLE.\n# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER\n# This file is distributed under the same license as the PACKAGE package.\n# FIRST AUTHOR , YEAR.\n#\n#, fuzzy\nmsgid \"\"\nmsgstr \"\"\n\"Project-Id-Version: PACKAGE VERSION\\n\"\n\"Report-Msgid-Bugs-To: \\n\"\n\"POT-Creation-Date: 2020-06-16 08:40+0100\\n\"\n\"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\\n\"\n\"Last-Translator: FULL NAME \\n\"\n\"Language-Team: LANGUAGE \\n\"\n\"Language: \\n\"\n\"MIME-Version: 1.0\\n\"\n\"Content-Type: text/plain; charset=UTF-8\\n\"\n\"Content-Transfer-Encoding: 8bit\\n\"\n\"Plural-Forms: nplurals=2; plural=(n > 1);\\n\"\n#: .\\django-cookie-consent\\cookie_consent\\models.py:16\nmsgid \"\"\n\"Enter a valid 'varname' consisting of letters, numbers, underscores or \"\n\"hyphens.\"\nmsgstr \"\"\n\"Insira um 'varname' válido, composto por letras, números, underscores ou \"\n\"hífens.\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:23\nmsgid \"Variable name\"\nmsgstr \"Nome da variável\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:26\n#: .\\django-cookie-consent\\cookie_consent\\models.py:67\nmsgid \"Name\"\nmsgstr \"Nome\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:27\n#: .\\django-cookie-consent\\cookie_consent\\models.py:68\nmsgid \"Description\"\nmsgstr \"Descrição\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:29\nmsgid \"Is required\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:30\nmsgid \"Are cookies in this group required.\"\nmsgstr \"Se os cookies deste grupo são necessários.\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:33\nmsgid \"Is deletable?\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:34\nmsgid \"Can cookies in this group be deleted.\"\nmsgstr \"Se os cookies deste grupo podem serem apagados.\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:36\nmsgid \"Ordering\"\nmsgstr \"Ordem\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:37\n#: .\\django-cookie-consent\\cookie_consent\\models.py:71\n#: .\\django-cookie-consent\\cookie_consent\\models.py:112\nmsgid \"Created\"\nmsgstr \"Criado em\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:40\nmsgid \"Cookie Group\"\nmsgstr \"Grupo de Cookies\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:41\nmsgid \"Cookie Groups\"\nmsgstr \"Grupos de Cookies\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:69\nmsgid \"Path\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:70\nmsgid \"Domain\"\nmsgstr \"Domínio\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:74\nmsgid \"Cookie\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:75\nmsgid \"Cookies\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:100\n#: .\\django-cookie-consent\\cookie_consent\\templates\\cookie_consent\\_cookie_group.html:21\nmsgid \"Declined\"\nmsgstr \"Rejeitado\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:101\n#: .\\django-cookie-consent\\cookie_consent\\templates\\cookie_consent\\_cookie_group.html:12\nmsgid \"Accepted\"\nmsgstr \"Aceito\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:106\nmsgid \"Action\"\nmsgstr \"Ação\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:111\nmsgid \"Version\"\nmsgstr \"Versão\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:117\nmsgid \"Log item\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\models.py:118\nmsgid \"Log items\"\nmsgstr \"\"\n\n#: .\\django-cookie-consent\\cookie_consent\\templates\\cookie_consent\\_cookie_group.html:16\nmsgid \"Accept\"\nmsgstr \"Aceitar\"\n\n#: .\\django-cookie-consent\\cookie_consent\\templates\\cookie_consent\\_cookie_group.html:25\nmsgid \"Decline\"\nmsgstr \"Recusar\"\n" }, { "path": "cookie_consent/locale/sl/LC_MESSAGES/django.po", "content": "# SOME DESCRIPTIVE TITLE.\n# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER\n# This file is distributed under the same license as the PACKAGE package.\n# FIRST AUTHOR , YEAR.\n#\n#, fuzzy\nmsgid \"\"\nmsgstr \"\"\n\"Project-Id-Version: PACKAGE VERSION\\n\"\n\"Report-Msgid-Bugs-To: \\n\"\n\"POT-Creation-Date: 2013-06-09 10:26+0200\\n\"\n\"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\\n\"\n\"Last-Translator: FULL NAME \\n\"\n\"Language-Team: LANGUAGE \\n\"\n\"Language: \\n\"\n\"MIME-Version: 1.0\\n\"\n\"Content-Type: text/plain; charset=UTF-8\\n\"\n\"Content-Transfer-Encoding: 8bit\\n\"\n\"Plural-Forms: nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n\"\n\"%100==4 ? 2 : 3);\\n\"\n\n#: models.py:16\nmsgid \"\"\n\"Enter a valid 'varname' consisting of letters, numbers, underscores or \"\n\"hyphens.\"\nmsgstr \"\"\n\n#: models.py:23\nmsgid \"Variable name\"\nmsgstr \"\"\n\n#: models.py:26 models.py:66\nmsgid \"Name\"\nmsgstr \"\"\n\n#: models.py:27 models.py:67\nmsgid \"Description\"\nmsgstr \"\"\n\n#: models.py:29\nmsgid \"Is required\"\nmsgstr \"\"\n\n#: models.py:30\nmsgid \"Are cookies in this group required.\"\nmsgstr \"\"\n\n#: models.py:33\nmsgid \"Is deletable?\"\nmsgstr \"\"\n\n#: models.py:34\nmsgid \"Can cookies in this group be deleted.\"\nmsgstr \"\"\n\n#: models.py:36\nmsgid \"Ordering\"\nmsgstr \"\"\n\n#: models.py:37 models.py:70 models.py:106\nmsgid \"Created\"\nmsgstr \"\"\n\n#: models.py:40\nmsgid \"Cookie Group\"\nmsgstr \"\"\n\n#: models.py:41\nmsgid \"Cookie Groups\"\nmsgstr \"\"\n\n#: models.py:68\nmsgid \"Path\"\nmsgstr \"\"\n\n#: models.py:69\nmsgid \"Domain\"\nmsgstr \"\"\n\n#: models.py:73\nmsgid \"Cookie\"\nmsgstr \"Piškot\"\n\n#: models.py:74\nmsgid \"Cookies\"\nmsgstr \"Piškotki\"\n\n#: models.py:95 templates/cookie_consent/_cookie_group.html:22\nmsgid \"Declined\"\nmsgstr \"Zavrnjeno\"\n\n#: models.py:96 templates/cookie_consent/_cookie_group.html:13\nmsgid \"Accepted\"\nmsgstr \"Sprejeto\"\n\n#: models.py:101\nmsgid \"Action\"\nmsgstr \"Ukrep\"\n\n#: models.py:105\nmsgid \"Version\"\nmsgstr \"Različica\"\n\n#: models.py:109\nmsgid \"Log item\"\nmsgstr \"\"\n\n#: models.py:110\nmsgid \"Log items\"\nmsgstr \"\"\n\n#: templates/cookie_consent/_cookie_group.html:17\nmsgid \"Accept\"\nmsgstr \"Strinjam se\"\n\n#: templates/cookie_consent/_cookie_group.html:26\nmsgid \"Decline\"\nmsgstr \"Ne strinjam se\"\n" }, { "path": "cookie_consent/management/__init__.py", "content": "" }, { "path": "cookie_consent/management/commands/__init__.py", "content": "" }, { "path": "cookie_consent/management/commands/prune_cookie_consent_logs.py", "content": "from datetime import timedelta\n\nfrom django.core.management.base import BaseCommand\nfrom django.utils import timezone\n\nfrom ...models import LogItem\n\n\nclass Command(BaseCommand):\n help = \"Prune old LogItem records older than a given number of days.\"\n\n def add_arguments(self, parser):\n parser.add_argument(\n \"--days\",\n type=int,\n default=90,\n help=\"Delete log items older than this many days (default: 90).\",\n )\n\n def handle(self, *args, **options):\n days = options[\"days\"]\n cutoff = timezone.now() - timedelta(days=days)\n deleted, _ = LogItem.objects.filter(created__lt=cutoff).delete()\n self.stdout.write(\n self.style.SUCCESS(f\"Deleted {deleted} log item(s) older than {days} days.\")\n )\n" }, { "path": "cookie_consent/middleware.py", "content": "from collections.abc import Callable\n\nfrom django.http import HttpRequest, HttpResponseBase\n\nfrom .cache import all_cookie_groups\nfrom .conf import settings\nfrom .util import get_cookie_dict_from_request, is_cookie_consent_enabled\n\n\ndef _should_delete_cookie(group_version: str | None) -> bool:\n # declined after it was accepted (and set) before\n if group_version == settings.COOKIE_CONSENT_DECLINE:\n return True\n\n # if you need to opt-out instead of opt-in, then we only delete the cookie in the\n # above scenario -> when the group is explicitly declined\n if settings.COOKIE_CONSENT_OPT_OUT:\n return False\n\n # when we are opt-in and have no information whether the cookie group was accepted\n # or declined, delete the cookie(s).\n if group_version is None:\n return True\n\n return False\n\n\nclass CleanCookiesMiddleware:\n \"\"\"\n Clean declined or non-accepted cookies.\n\n Note that this only applies if COOKIE_CONSENT_OPT_OUT is not set.\n \"\"\"\n\n def __init__(self, get_response: Callable[[HttpRequest], HttpResponseBase]):\n self.get_response = get_response\n\n def __call__(self, request: HttpRequest):\n response = self.get_response(request)\n if is_cookie_consent_enabled(request):\n self.process_response(request, response)\n return response\n\n def process_response(self, request: HttpRequest, response: HttpResponseBase):\n cookie_dic = get_cookie_dict_from_request(request)\n\n cookies_to_delete = []\n for cookie_group in all_cookie_groups().values():\n if not cookie_group.is_deletable:\n continue\n\n group_version = cookie_dic.get(cookie_group.varname, None)\n for cookie in cookie_group.cookie_set.all():\n if cookie.name not in request.COOKIES:\n continue\n if _should_delete_cookie(group_version):\n cookies_to_delete.append(cookie)\n\n for cookie in cookies_to_delete:\n response.delete_cookie(cookie.name, cookie.path, cookie.domain)\n\n return response\n" }, { "path": "cookie_consent/migrations/0001_initial.py", "content": "# Generated by Django 2.1 on 2019-02-08 14:14\n\nimport re\n\nimport django.core.validators\nimport django.db.models.deletion\nfrom django.db import migrations, models\n\n\nclass Migration(migrations.Migration):\n initial = True\n\n dependencies = []\n\n operations = [\n migrations.CreateModel(\n name=\"Cookie\",\n fields=[\n (\n \"id\",\n models.AutoField(\n auto_created=True,\n primary_key=True,\n serialize=False,\n verbose_name=\"ID\",\n ),\n ),\n (\"name\", models.CharField(max_length=250, verbose_name=\"Name\")),\n (\n \"description\",\n models.TextField(blank=True, verbose_name=\"Description\"),\n ),\n (\n \"path\",\n models.TextField(blank=True, default=\"/\", verbose_name=\"Path\"),\n ),\n (\n \"domain\",\n models.CharField(blank=True, max_length=250, verbose_name=\"Domain\"),\n ),\n (\n \"created\",\n models.DateTimeField(auto_now_add=True, verbose_name=\"Created\"),\n ),\n ],\n options={\n \"verbose_name\": \"Cookie\",\n \"verbose_name_plural\": \"Cookies\",\n \"ordering\": [\"-created\"],\n },\n ),\n migrations.CreateModel(\n name=\"CookieGroup\",\n fields=[\n (\n \"id\",\n models.AutoField(\n auto_created=True,\n primary_key=True,\n serialize=False,\n verbose_name=\"ID\",\n ),\n ),\n (\n \"varname\",\n models.CharField(\n max_length=32,\n validators=[\n django.core.validators.RegexValidator(\n re.compile(\"^[-_a-zA-Z0-9]+$\"),\n \"Enter a valid 'varname' consisting of letters, \"\n \"numbers, underscores or hyphens.\",\n \"invalid\",\n )\n ],\n verbose_name=\"Variable name\",\n ),\n ),\n (\n \"name\",\n models.CharField(blank=True, max_length=100, verbose_name=\"Name\"),\n ),\n (\n \"description\",\n models.TextField(blank=True, verbose_name=\"Description\"),\n ),\n (\n \"is_required\",\n models.BooleanField(\n default=False,\n help_text=\"Are cookies in this group required.\",\n verbose_name=\"Is required\",\n ),\n ),\n (\n \"is_deletable\",\n models.BooleanField(\n default=True,\n help_text=\"Can cookies in this group be deleted.\",\n verbose_name=\"Is deletable?\",\n ),\n ),\n (\"ordering\", models.IntegerField(default=0, verbose_name=\"Ordering\")),\n (\n \"created\",\n models.DateTimeField(auto_now_add=True, verbose_name=\"Created\"),\n ),\n ],\n options={\n \"verbose_name\": \"Cookie Group\",\n \"verbose_name_plural\": \"Cookie Groups\",\n \"ordering\": [\"ordering\"],\n },\n ),\n migrations.AddField(\n model_name=\"cookie\",\n name=\"cookiegroup\",\n field=models.ForeignKey(\n on_delete=django.db.models.deletion.CASCADE,\n to=\"cookie_consent.CookieGroup\",\n verbose_name=\"Cookie Group\",\n ),\n ),\n ]\n" }, { "path": "cookie_consent/migrations/0002_auto__add_logitem.py", "content": "# Generated by Django 2.1 on 2019-02-08 14:16\n\nimport django.db.models.deletion\nfrom django.db import migrations, models\n\n\nclass Migration(migrations.Migration):\n dependencies = [\n (\"cookie_consent\", \"0001_initial\"),\n ]\n\n operations = [\n migrations.CreateModel(\n name=\"LogItem\",\n fields=[\n (\n \"id\",\n models.AutoField(\n auto_created=True,\n primary_key=True,\n serialize=False,\n verbose_name=\"ID\",\n ),\n ),\n (\n \"action\",\n models.IntegerField(\n choices=[(-1, \"Declined\"), (1, \"Accepted\")],\n verbose_name=\"Action\",\n ),\n ),\n (\"version\", models.CharField(max_length=32, verbose_name=\"Version\")),\n (\n \"created\",\n models.DateTimeField(auto_now_add=True, verbose_name=\"Created\"),\n ),\n (\n \"cookiegroup\",\n models.ForeignKey(\n on_delete=django.db.models.deletion.CASCADE,\n to=\"cookie_consent.CookieGroup\",\n verbose_name=\"Cookie Group\",\n ),\n ),\n ],\n options={\n \"verbose_name\": \"Log item\",\n \"verbose_name_plural\": \"Log items\",\n \"ordering\": [\"-created\"],\n },\n ),\n ]\n" }, { "path": "cookie_consent/migrations/0003_alter_cookiegroup_varname.py", "content": "# Generated by Django 4.2.13 on 2024-05-09 19:01\n\nimport re\n\nimport django.core.validators\nfrom django.db import migrations, models\n\n\nclass Migration(migrations.Migration):\n dependencies = [\n (\"cookie_consent\", \"0002_auto__add_logitem\"),\n ]\n\n operations = [\n migrations.AlterField(\n model_name=\"cookiegroup\",\n name=\"varname\",\n field=models.CharField(\n max_length=32,\n unique=True,\n validators=[\n django.core.validators.RegexValidator(\n re.compile(\"^[-_a-zA-Z0-9]+$\"),\n \"Enter a valid 'varname' consisting of letters, numbers, \"\n \"underscores or hyphens.\",\n \"invalid\",\n )\n ],\n verbose_name=\"Variable name\",\n ),\n ),\n ]\n" }, { "path": "cookie_consent/migrations/0004_cookie_natural_key.py", "content": "# Generated by Django 4.2.13 on 2024-05-09 20:22\n\nfrom django.db import migrations, models\n\n\nclass Migration(migrations.Migration):\n dependencies = [\n (\"cookie_consent\", \"0003_alter_cookiegroup_varname\"),\n ]\n\n operations = [\n migrations.AddConstraint(\n model_name=\"cookie\",\n constraint=models.UniqueConstraint(\n fields=(\"cookiegroup\", \"name\", \"domain\"), name=\"natural_key\"\n ),\n ),\n ]\n" }, { "path": "cookie_consent/migrations/__init__.py", "content": "" }, { "path": "cookie_consent/models.py", "content": "from __future__ import annotations\n\nimport re\nfrom collections.abc import Callable\nfrom typing import ClassVar, ParamSpec, TypedDict, TypeVar\n\nfrom django.core.validators import RegexValidator\nfrom django.db import models\nfrom django.utils.translation import gettext_lazy as _\n\nCOOKIE_NAME_RE = re.compile(r\"^[-_a-zA-Z0-9]+$\")\nvalidate_cookie_name = RegexValidator(\n COOKIE_NAME_RE,\n _(\n \"Enter a valid 'varname' consisting of letters, numbers\"\n \", underscores or hyphens.\"\n ),\n \"invalid\",\n)\n\nP = ParamSpec(\"P\")\nT = TypeVar(\"T\")\n\n\ndef clear_cache_after(func: Callable[P, T]) -> Callable[P, T]:\n def wrapper(*args: P.args, **kwargs: P.kwargs):\n from .cache import delete_cache\n\n return_value = func(*args, **kwargs)\n delete_cache()\n return return_value\n\n return wrapper\n\n\nclass CookieGroupDict(TypedDict):\n varname: str\n name: str\n description: str\n is_required: bool\n # The version is deliberately not included because it requires page/view cache\n # busting if a new cookie gets added to the group, which we don't control.\n\n\nclass BaseQueryset(models.query.QuerySet):\n @clear_cache_after\n def delete(self):\n return super().delete()\n\n @clear_cache_after\n def update(self, **kwargs):\n return super().update(**kwargs)\n\n\nclass CookieGroupManager(models.Manager.from_queryset(BaseQueryset)):\n def get_by_natural_key(self, varname: str) -> CookieGroup:\n return self.get(varname=varname)\n\n\nclass CookieGroup(models.Model):\n varname = models.CharField(\n _(\"Variable name\"),\n max_length=32,\n unique=True,\n validators=[validate_cookie_name],\n )\n name = models.CharField(_(\"Name\"), max_length=100, blank=True)\n description = models.TextField(_(\"Description\"), blank=True)\n is_required = models.BooleanField(\n _(\"Is required\"),\n help_text=_(\"Are cookies in this group required.\"),\n default=False,\n )\n is_deletable = models.BooleanField(\n _(\"Is deletable?\"),\n help_text=_(\"Can cookies in this group be deleted.\"),\n default=True,\n )\n ordering = models.IntegerField(_(\"Ordering\"), default=0)\n created = models.DateTimeField(_(\"Created\"), auto_now_add=True, blank=True)\n\n objects: ClassVar[CookieGroupManager] = CookieGroupManager() # pyright: ignore[reportIncompatibleVariableOverride]\n cookie_set: ClassVar[CookieManager]\n\n class Meta:\n verbose_name = _(\"Cookie Group\")\n verbose_name_plural = _(\"Cookie Groups\")\n ordering = [\"ordering\"]\n\n def __str__(self):\n return self.name\n\n @clear_cache_after\n def save(self, *args, **kwargs):\n super().save(*args, **kwargs)\n\n @clear_cache_after\n def delete(self, *args, **kwargs):\n return super().delete(*args, **kwargs)\n\n def natural_key(self) -> tuple[str]:\n return (self.varname,)\n\n def get_version(self) -> str:\n try:\n # this relies on the cookie set being ordered by most-recently created\n # first.\n # Note that we don't use `.first()` as that's a new query and bypasses\n # the cache.\n return str(self.cookie_set.all()[0].get_version())\n except IndexError:\n return \"\"\n\n def for_json(self) -> CookieGroupDict:\n return {\n \"varname\": self.varname,\n \"name\": self.name,\n \"description\": self.description,\n \"is_required\": self.is_required,\n # \"version\": self.get_version(),\n }\n\n\nclass CookieManager(models.Manager.from_queryset(BaseQueryset)):\n def get_by_natural_key(self, name: str, domain: str, cookiegroup: str) -> Cookie:\n group = CookieGroup.objects.get_by_natural_key(cookiegroup)\n return self.get(cookiegroup=group, name=name, domain=domain)\n\n\nclass Cookie(models.Model):\n cookiegroup = models.ForeignKey(\n CookieGroup,\n verbose_name=CookieGroup._meta.verbose_name,\n on_delete=models.CASCADE,\n )\n name = models.CharField(_(\"Name\"), max_length=250)\n description = models.TextField(_(\"Description\"), blank=True)\n path = models.TextField(_(\"Path\"), blank=True, default=\"/\")\n domain = models.CharField(_(\"Domain\"), max_length=250, blank=True)\n created = models.DateTimeField(_(\"Created\"), auto_now_add=True, blank=True)\n\n objects = CookieManager()\n\n class Meta:\n verbose_name = _(\"Cookie\")\n verbose_name_plural = _(\"Cookies\")\n constraints = [\n models.UniqueConstraint(\n fields=(\"cookiegroup\", \"name\", \"domain\"),\n name=\"natural_key\",\n ),\n ]\n ordering = [\"-created\"]\n\n def __str__(self):\n return f\"{self.name} {self.domain}{self.path}\"\n\n @clear_cache_after\n def save(self, *args, **kwargs):\n super().save(*args, **kwargs)\n\n @clear_cache_after\n def delete(self, *args, **kwargs):\n return super().delete(*args, **kwargs)\n\n def natural_key(self) -> tuple[str, str, str]:\n return (self.name, self.domain) + self.cookiegroup.natural_key()\n\n natural_key.dependencies = [\"cookie_consent.cookiegroup\"] # pyright: ignore[reportFunctionMemberAccess]\n\n @property\n def varname(self) -> str:\n group_varname = self.cookiegroup.varname\n return f\"{group_varname}={self.name}:{self.domain}\"\n\n def get_version(self) -> str:\n return self.created.isoformat()\n\n\nACTION_ACCEPTED = 1\nACTION_DECLINED = -1\nACTION_CHOICES = (\n (ACTION_DECLINED, _(\"Declined\")),\n (ACTION_ACCEPTED, _(\"Accepted\")),\n)\n\n\nclass LogItem(models.Model):\n action = models.IntegerField(_(\"Action\"), choices=ACTION_CHOICES)\n cookiegroup = models.ForeignKey(\n CookieGroup,\n verbose_name=CookieGroup._meta.verbose_name,\n on_delete=models.CASCADE,\n )\n version = models.CharField(_(\"Version\"), max_length=32)\n created = models.DateTimeField(_(\"Created\"), auto_now_add=True, blank=True)\n\n class Meta:\n verbose_name = _(\"Log item\")\n verbose_name_plural = _(\"Log items\")\n ordering = [\"-created\"]\n\n def __str__(self):\n return f\"{self.cookiegroup.name} {self.version}\"\n" }, { "path": "cookie_consent/processor.py", "content": "from collections.abc import Collection\nfrom typing import Literal\n\nfrom django.http import HttpRequest, HttpResponseBase\n\nfrom .conf import settings\nfrom .models import ACTION_ACCEPTED, ACTION_DECLINED, CookieGroup, LogItem\nfrom .util import get_cookie_dict_from_request, set_cookie_dict_to_response\n\n\nclass CookiesProcessor:\n \"\"\"\n Process the accept/decline logic for cookie groups.\n \"\"\"\n\n def __init__(self, request: HttpRequest, response: HttpResponseBase):\n self.request = request\n self.response = response\n\n def process(\n self,\n cookie_groups: Collection[CookieGroup],\n action: Literal[\"accept\", \"decline\"],\n ) -> None:\n \"\"\"\n Apply ``action`` to the specified ``cookie_groups``.\n\n Mutates the response by updating the cookie tracking the cookie group status. If\n there are no cookie groups provided, nothing happens.\n \"\"\"\n if not cookie_groups:\n return\n\n cookie_dic = get_cookie_dict_from_request(self.request)\n\n match action:\n case \"accept\":\n for cookie_group in cookie_groups:\n cookie_dic[cookie_group.varname] = cookie_group.get_version()\n case \"decline\":\n self._delete_cookies(cookie_groups)\n for cookie_group in cookie_groups:\n cookie_dic[cookie_group.varname] = settings.COOKIE_CONSENT_DECLINE\n\n self._log_action(cookie_groups, action)\n set_cookie_dict_to_response(self.response, cookie_dic)\n\n def _log_action(\n self,\n cookie_groups: Collection[CookieGroup],\n action: Literal[\"accept\", \"decline\"],\n ) -> None:\n if not settings.COOKIE_CONSENT_LOG_ENABLED:\n return\n # TODO: replace with stdlib logging call/helper instead of creating DB records\n # directly.\n\n action_map: dict[Literal[\"accept\", \"decline\"], int] = {\n \"accept\": ACTION_ACCEPTED,\n \"decline\": ACTION_DECLINED,\n }\n log_items: list[LogItem] = [\n LogItem(\n action=action_map[action],\n cookiegroup=cookie_group,\n version=cookie_group.get_version(),\n )\n for cookie_group in cookie_groups\n ]\n LogItem.objects.bulk_create(log_items)\n\n def _delete_cookies(self, cookie_groups: Collection[CookieGroup]) -> None:\n for cookie_group in cookie_groups:\n if not cookie_group.is_deletable:\n continue\n for cookie in cookie_group.cookie_set.all():\n self.response.delete_cookie(cookie.name, cookie.path, cookie.domain)\n" }, { "path": "cookie_consent/py.typed", "content": "" }, { "path": "cookie_consent/templates/cookie_consent/_cookie_group.html", "content": "{% load i18n %}\n{% load cookie_consent_tags %}\n\n\n
\n
\n

{{ cookie_group.name }}

\n\n {% if not cookie_group.is_required %}\n
\n {% if request|cookie_group_accepted:cookie_group.varname %}\n {% trans \"Accepted\" %}\n {% else %}\n
\n {% csrf_token %}\n \n \n
\n {% endif %}\n\n {% if request|cookie_group_declined:cookie_group.varname %}\n {% trans \"Declined\" %}\n {% else %}\n
\n {% csrf_token %}\n \n \n
\n {% endif %}\n
\n {% endif %}\n\n
\n\n

\n {{ cookie_group.description }}\n

\n\n\n \n {% for cookie in cookie_group.cookie_set.all %}\n \n \n \n \n {% endfor %}\n
\n {{ cookie.name }}\n {% if cookie.domain %}\n ({{ cookie.domain }})\n {% endif %}\n \n {% if cookie.description %}\n {{ cookie.description }}\n {% endif %}\n
\n\n
\n" }, { "path": "cookie_consent/templates/cookie_consent/base.html", "content": "\n \n \n {% block body %}\n {% endblock %}\n \n\n" }, { "path": "cookie_consent/templates/cookie_consent/cookiegroup_list.html", "content": "{% extends \"cookie_consent/base.html\" %}\n\n{% block body %}\n

Cookies

\n\n

\n This is a list of the categories of cookies used in our website and why we use them.\n

\n\n {% for cookie_group in object_list %}\n {% include \"cookie_consent/_cookie_group.html\" %}\n {% endfor %}\n\n{% endblock %}\n" }, { "path": "cookie_consent/templatetags/__init__.py", "content": "#!/usr/bin/env python\n" }, { "path": "cookie_consent/templatetags/cookie_consent_tags.py", "content": "from collections.abc import Collection\n\nfrom django import template\nfrom django.http import HttpRequest\nfrom django.utils.html import json_script\n\nfrom ..cache import all_cookie_groups as get_all_cookie_groups\nfrom ..models import CookieGroup\nfrom ..util import (\n are_all_cookies_accepted,\n get_cookie_value_from_request,\n get_not_accepted_or_declined_cookie_groups,\n is_cookie_consent_enabled,\n)\n\nregister = template.Library()\n\n\n@register.filter\ndef cookie_group_accepted(request: HttpRequest, group_or_cookie: str) -> bool:\n \"\"\"\n Return ``True`` if the cookie group/cookie is accepted.\n\n Examples:\n\n .. code-block:: django\n\n {{ request|cookie_group_accepted:\"analytics\" }}\n {{ request|cookie_group_accepted:\"analytics=*:.google.com\" }}\n \"\"\"\n value = get_cookie_value_from_request(request, *group_or_cookie.split(\"=\"))\n return value is True\n\n\n@register.filter\ndef cookie_group_declined(request: HttpRequest, group_or_cookie: str) -> bool:\n \"\"\"\n Return ``True`` if the cookie group/cookie is declined.\n\n Examples:\n\n .. code-block:: django\n\n {{ request|cookie_group_declined:\"analytics\" }}\n {{ request|cookie_group_declined:\"analytics=*:.google.com\" }}\n \"\"\"\n value = get_cookie_value_from_request(request, *group_or_cookie.split(\"=\"))\n return value is False\n\n\n@register.filter\ndef all_cookies_accepted(request: HttpRequest) -> bool:\n \"\"\"\n Filter returns if all cookies are accepted.\n \"\"\"\n return are_all_cookies_accepted(request)\n\n\n@register.simple_tag\ndef not_accepted_or_declined_cookie_groups(\n request: HttpRequest,\n) -> Collection[CookieGroup]:\n \"\"\"\n Return the cookie groups for which no explicit accept or decline has been given.\n \"\"\"\n return get_not_accepted_or_declined_cookie_groups(request)\n\n\n@register.filter\ndef cookie_consent_enabled(request: HttpRequest) -> bool:\n \"\"\"\n Indicate whether the cookie-consent app is enabled or not.\n \"\"\"\n return is_cookie_consent_enabled(request)\n\n\n@register.simple_tag\ndef all_cookie_groups(element_id: str):\n \"\"\"\n Serialize all cookie groups to JSON and output them in a script tag.\n\n :param element_id: The ID for the script tag so you can look it up in JS later.\n\n This uses Django's core json_script filter under the hood.\n \"\"\"\n groups = get_all_cookie_groups()\n value = [group.for_json() for group in groups.values()]\n return json_script(value, element_id)\n" }, { "path": "cookie_consent/urls.py", "content": "from django.urls import path\n\nfrom .views import (\n CookieGroupAcceptView,\n CookieGroupDeclineView,\n CookieGroupListView,\n CookieStatusView,\n)\n\nurlpatterns = [\n path(\"accept/\", CookieGroupAcceptView.as_view(), name=\"cookie_consent_accept\"),\n path(\"decline/\", CookieGroupDeclineView.as_view(), name=\"cookie_consent_decline\"),\n path(\"status/\", CookieStatusView.as_view(), name=\"cookie_consent_status\"),\n path(\"\", CookieGroupListView.as_view(), name=\"cookie_consent_cookie_group_list\"),\n]\n" }, { "path": "cookie_consent/util.py", "content": "import logging\nfrom collections.abc import Callable, Collection, Iterator\n\nfrom django.http import HttpRequest, HttpResponseBase\n\nfrom .cache import all_cookie_groups, get_cookie, get_cookie_group\nfrom .conf import settings\nfrom .models import Cookie, CookieGroup\n\nlogger = logging.getLogger(__name__)\n\nCOOKIE_GROUP_SEP = \"|\"\nKEY_VALUE_SEP = \"=\"\n\n\ndef parse_cookie_str(cookie: str) -> dict[str, str]:\n if not cookie:\n return {}\n\n bits = cookie.split(COOKIE_GROUP_SEP)\n\n def _gen_pairs() -> Iterator[tuple[str, str]]:\n for possible_pair in bits:\n parts = possible_pair.split(KEY_VALUE_SEP)\n if len(parts) == 2:\n varname, cookie = parts\n yield varname, cookie\n else:\n logger.debug(\"cookie_value_discarded\", extra={\"value\": possible_pair})\n\n return dict(_gen_pairs())\n\n\ndef _contains_invalid_characters(*inputs: str) -> bool:\n # = and | are special separators. They are unexpected characters in both\n # keys and values.\n for separator in (COOKIE_GROUP_SEP, KEY_VALUE_SEP):\n for value in inputs:\n if separator in value:\n logger.debug(\"skip_separator\", extra={\"value\": value, \"sep\": separator})\n return True\n return False\n\n\ndef dict_to_cookie_str(dic: dict[str, str]) -> str:\n \"\"\"\n Serialize a dictionary of cookie-group metadata to a string.\n\n The result is stored in a cookie itself. Note that the dictionary keys are expected\n to be cookie group ``varname`` fields, which are validated against a slug regex. The\n values are supposed to be ISO-8601 timestamps.\n\n Invalid key/value pairs are dropped.\n \"\"\"\n\n def _gen_pairs() -> Iterator[str]:\n for key, value in dic.items():\n if _contains_invalid_characters(key, value):\n continue\n yield f\"{key}={value}\"\n\n return \"|\".join(_gen_pairs())\n\n\ndef get_cookie_dict_from_request(request: HttpRequest) -> dict[str, str]:\n cookie_str = request.COOKIES.get(settings.COOKIE_CONSENT_NAME, \"\")\n return parse_cookie_str(cookie_str)\n\n\ndef set_cookie_dict_to_response(\n response: HttpResponseBase, dic: dict[str, str]\n) -> None:\n response.set_cookie(\n settings.COOKIE_CONSENT_NAME,\n dict_to_cookie_str(dic),\n max_age=settings.COOKIE_CONSENT_MAX_AGE,\n domain=settings.COOKIE_CONSENT_DOMAIN,\n secure=settings.COOKIE_CONSENT_SECURE,\n httponly=settings.COOKIE_CONSENT_HTTPONLY,\n samesite=settings.COOKIE_CONSENT_SAMESITE,\n )\n\n\ndef get_cookie_value_from_request(\n request: HttpRequest, varname: str, cookie: str = \"\"\n) -> bool | None:\n \"\"\"\n Returns if cookie group or its specific cookie has been accepted.\n\n Returns True or False when cookie is accepted or declined or None\n if cookie is not set.\n \"\"\"\n if not (cookie_dic := get_cookie_dict_from_request(request)):\n return None\n if not (cookie_group := get_cookie_group(varname=varname)):\n return None\n\n _cookie: Cookie | None = None\n if cookie:\n name, domain = cookie.split(\":\")\n _cookie = get_cookie(cookie_group, name, domain)\n\n match version := cookie_dic.get(varname, None):\n case None:\n return None\n case str() if version == settings.COOKIE_CONSENT_DECLINE:\n return False\n\n reference_version = _cookie.get_version() if _cookie else cookie_group.get_version()\n if version >= reference_version:\n return True\n return None\n\n\ndef get_cookie_groups(varname: str = \"\") -> Collection[CookieGroup]:\n if not varname:\n return all_cookie_groups().values()\n keys = varname.split(\",\")\n return [g for k, g in all_cookie_groups().items() if k in keys]\n\n\ndef are_all_cookies_accepted(request: HttpRequest) -> bool:\n \"\"\"\n Returns if all cookies are accepted.\n \"\"\"\n return all(\n [\n get_cookie_value_from_request(request, cookie_group.varname)\n for cookie_group in get_cookie_groups()\n ]\n )\n\n\ndef _get_cookie_groups_by_state(request, state: bool | None) -> Collection[CookieGroup]:\n return [\n cookie_group\n for cookie_group in get_cookie_groups()\n if get_cookie_value_from_request(request, cookie_group.varname) is state\n ]\n\n\ndef get_not_accepted_or_declined_cookie_groups(\n request: HttpRequest,\n) -> Collection[CookieGroup]:\n \"\"\"\n Returns all cookie groups that are neither accepted or declined.\n \"\"\"\n return _get_cookie_groups_by_state(request, state=None)\n\n\ndef get_accepted_cookie_groups(request: HttpRequest) -> Collection[CookieGroup]:\n \"\"\"\n Returns all cookie groups that are accepted.\n \"\"\"\n return _get_cookie_groups_by_state(request, state=True)\n\n\ndef get_declined_cookie_groups(request: HttpRequest) -> Collection[CookieGroup]:\n \"\"\"\n Returns all cookie groups that are declined.\n \"\"\"\n return _get_cookie_groups_by_state(request, state=False)\n\n\ndef is_cookie_consent_enabled(request: HttpRequest) -> bool:\n \"\"\"\n Returns if django-cookie-consent is enabled for given request.\n \"\"\"\n enabled: bool | Callable[[HttpRequest], bool] = settings.COOKIE_CONSENT_ENABLED\n return enabled(request) if callable(enabled) else enabled\n" }, { "path": "cookie_consent/views.py", "content": "from typing import Literal\n\nfrom django.contrib.auth.views import RedirectURLMixin\nfrom django.http import (\n HttpRequest,\n HttpResponse,\n HttpResponseBase,\n HttpResponseRedirect,\n JsonResponse,\n)\nfrom django.middleware.csrf import get_token as get_csrf_token\nfrom django.urls import reverse\nfrom django.views.generic import ListView, View\n\nfrom .conf import settings\nfrom .forms import ProcessCookiesForm\nfrom .models import CookieGroup\nfrom .processor import CookiesProcessor\nfrom .util import (\n get_accepted_cookie_groups,\n get_declined_cookie_groups,\n get_not_accepted_or_declined_cookie_groups,\n)\n\n\ndef is_ajax_like(request: HttpRequest) -> bool:\n # legacy ajax, removed in Django 4.0 (used to be request.is_ajax())\n ajax_header = request.headers.get(\"X-Requested-With\")\n if ajax_header == \"XMLHttpRequest\":\n return True\n\n # module-js uses fetch and a custom header\n return bool(request.headers.get(\"X-Cookie-Consent-Fetch\"))\n\n\nclass CookieGroupListView(ListView):\n \"\"\"\n Display all cookies.\n \"\"\"\n\n model = CookieGroup\n\n\nclass CookieGroupBaseProcessView(RedirectURLMixin, View):\n \"\"\"\n Process the cookie groups submitted in the POST request (or URL parameters).\n\n :class:`RedirectURLMixin` takes care of the hardening against open redirects.\n \"\"\"\n\n cookie_process_action: Literal[\"accept\", \"decline\"]\n \"\"\"\n Processing action to apply, must be set on the subclasses.\n \"\"\"\n\n def get_default_redirect_url(self) -> str:\n return settings.COOKIE_CONSENT_SUCCESS_URL\n\n def post(self, request: HttpRequest, *args, **kwargs):\n form = ProcessCookiesForm(data=request.POST)\n\n if not form.is_valid():\n if is_ajax_like(request):\n return JsonResponse(form.errors.get_json_data())\n else:\n return HttpResponse(form.errors.render())\n\n cookie_groups = form.get_cookie_groups()\n\n response: HttpResponseBase\n if is_ajax_like(request):\n response = HttpResponse()\n else:\n response = HttpResponseRedirect(self.get_success_url())\n\n processor = CookiesProcessor(request, response)\n processor.process(cookie_groups, action=self.cookie_process_action)\n\n return response\n\n\nclass CookieGroupAcceptView(CookieGroupBaseProcessView):\n \"\"\"\n View to accept CookieGroup.\n \"\"\"\n\n cookie_process_action = \"accept\"\n\n\nclass CookieGroupDeclineView(CookieGroupBaseProcessView):\n \"\"\"\n View to decline CookieGroup.\n \"\"\"\n\n cookie_process_action = \"decline\"\n\n\nclass CookieStatusView(View):\n \"\"\"\n Check the current accept/decline status for cookies.\n\n The returned accept and decline URLs are specific to this user and include the\n cookie groups that weren't accepted or declined yet.\n\n Note that this endpoint also returns a CSRF Token to be used by the frontend,\n as baking a CSRFToken into a cached page will not reliably work.\n \"\"\"\n\n def get(self, request: HttpRequest) -> JsonResponse:\n accepted = get_accepted_cookie_groups(request)\n declined = get_declined_cookie_groups(request)\n not_accepted_or_declined = get_not_accepted_or_declined_cookie_groups(request)\n data = {\n \"csrftoken\": get_csrf_token(request),\n \"acceptUrl\": reverse(\"cookie_consent_accept\"),\n \"declineUrl\": reverse(\"cookie_consent_decline\"),\n \"acceptedCookieGroups\": [group.varname for group in accepted],\n \"declinedCookieGroups\": [group.varname for group in declined],\n \"notAcceptedOrDeclinedCookieGroups\": [\n group.varname for group in not_accepted_or_declined\n ],\n }\n return JsonResponse(data)\n" }, { "path": "docs/Makefile", "content": "# Makefile for Sphinx documentation\n#\n\n# You can set these variables from the command line.\nSPHINXOPTS =\nSPHINXBUILD = sphinx-build\nPAPER =\nBUILDDIR = _build\n\n# Internal variables.\nPAPEROPT_a4 = -D latex_paper_size=a4\nPAPEROPT_letter = -D latex_paper_size=letter\nALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .\n# the i18n builder cannot share the environment and doctrees with the others\nI18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .\n\n.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext\n\nhelp:\n\t@echo \"Please use \\`make ' where is one of\"\n\t@echo \" html to make standalone HTML files\"\n\t@echo \" dirhtml to make HTML files named index.html in directories\"\n\t@echo \" singlehtml to make a single large HTML file\"\n\t@echo \" pickle to make pickle files\"\n\t@echo \" json to make JSON files\"\n\t@echo \" htmlhelp to make HTML files and a HTML help project\"\n\t@echo \" qthelp to make HTML files and a qthelp project\"\n\t@echo \" devhelp to make HTML files and a Devhelp project\"\n\t@echo \" epub to make an epub\"\n\t@echo \" latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter\"\n\t@echo \" latexpdf to make LaTeX files and run them through pdflatex\"\n\t@echo \" text to make text files\"\n\t@echo \" man to make manual pages\"\n\t@echo \" texinfo to make Texinfo files\"\n\t@echo \" info to make Texinfo files and run them through makeinfo\"\n\t@echo \" gettext to make PO message catalogs\"\n\t@echo \" changes to make an overview of all changed/added/deprecated items\"\n\t@echo \" linkcheck to check all external links for integrity\"\n\t@echo \" doctest to run all doctests embedded in the documentation (if enabled)\"\n\nclean:\n\t-rm -rf $(BUILDDIR)/*\n\nhtml:\n\t$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html\n\t@echo\n\t@echo \"Build finished. The HTML pages are in $(BUILDDIR)/html.\"\n\ndirhtml:\n\t$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml\n\t@echo\n\t@echo \"Build finished. The HTML pages are in $(BUILDDIR)/dirhtml.\"\n\nsinglehtml:\n\t$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml\n\t@echo\n\t@echo \"Build finished. The HTML page is in $(BUILDDIR)/singlehtml.\"\n\npickle:\n\t$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle\n\t@echo\n\t@echo \"Build finished; now you can process the pickle files.\"\n\njson:\n\t$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json\n\t@echo\n\t@echo \"Build finished; now you can process the JSON files.\"\n\nhtmlhelp:\n\t$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp\n\t@echo\n\t@echo \"Build finished; now you can run HTML Help Workshop with the\" \\\n\t \".hhp project file in $(BUILDDIR)/htmlhelp.\"\n\nqthelp:\n\t$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp\n\t@echo\n\t@echo \"Build finished; now you can run \"qcollectiongenerator\" with the\" \\\n\t \".qhcp project file in $(BUILDDIR)/qthelp, like this:\"\n\t@echo \"# qcollectiongenerator $(BUILDDIR)/qthelp/django-shop-discounts.qhcp\"\n\t@echo \"To view the help file:\"\n\t@echo \"# assistant -collectionFile $(BUILDDIR)/qthelp/django-shop-discounts.qhc\"\n\ndevhelp:\n\t$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp\n\t@echo\n\t@echo \"Build finished.\"\n\t@echo \"To view the help file:\"\n\t@echo \"# mkdir -p $$HOME/.local/share/devhelp/django-shop-discounts\"\n\t@echo \"# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/django-shop-discounts\"\n\t@echo \"# devhelp\"\n\nepub:\n\t$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub\n\t@echo\n\t@echo \"Build finished. The epub file is in $(BUILDDIR)/epub.\"\n\nlatex:\n\t$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex\n\t@echo\n\t@echo \"Build finished; the LaTeX files are in $(BUILDDIR)/latex.\"\n\t@echo \"Run \\`make' in that directory to run these through (pdf)latex\" \\\n\t \"(use \\`make latexpdf' here to do that automatically).\"\n\nlatexpdf:\n\t$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex\n\t@echo \"Running LaTeX files through pdflatex...\"\n\tmake -C $(BUILDDIR)/latex all-pdf\n\t@echo \"pdflatex finished; the PDF files are in $(BUILDDIR)/latex.\"\n\ntext:\n\t$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text\n\t@echo\n\t@echo \"Build finished. The text files are in $(BUILDDIR)/text.\"\n\nman:\n\t$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man\n\t@echo\n\t@echo \"Build finished. The manual pages are in $(BUILDDIR)/man.\"\n\ntexinfo:\n\t$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo\n\t@echo\n\t@echo \"Build finished. The Texinfo files are in $(BUILDDIR)/texinfo.\"\n\t@echo \"Run \\`make' in that directory to run these through makeinfo\" \\\n\t \"(use \\`make info' here to do that automatically).\"\n\ninfo:\n\t$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo\n\t@echo \"Running Texinfo files through makeinfo...\"\n\tmake -C $(BUILDDIR)/texinfo info\n\t@echo \"makeinfo finished; the Info files are in $(BUILDDIR)/texinfo.\"\n\ngettext:\n\t$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale\n\t@echo\n\t@echo \"Build finished. The message catalogs are in $(BUILDDIR)/locale.\"\n\nchanges:\n\t$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes\n\t@echo\n\t@echo \"The overview file is in $(BUILDDIR)/changes.\"\n\nlinkcheck:\n\t$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck\n\t@echo\n\t@echo \"Link check complete; look for any errors in the above output \" \\\n\t \"or in $(BUILDDIR)/linkcheck/output.txt.\"\n\ndoctest:\n\t$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest\n\t@echo \"Testing of doctests in the sources finished, look at the \" \\\n\t \"results in $(BUILDDIR)/doctest/output.txt.\"\n" }, { "path": "docs/changelog.rst", "content": "=========\nChangelog\n=========\n\n1.0.0 (2026-02-04)\n------------------\n\nThe long-awaited 1.0 version of django-cookie-consent is finally here!\n\nThe project has seen numerous cleanups, clarifications and (hopefully) simplifications\nover the past few releases, but now the public API is considered stable and any future\nbreaking changes will result in a major version bump.\n\nThe documentation :ref:`Migrating to 1.0 ` is there to help you updating\nyour projects, but don't hesitate to open a Github issue if you run into problems.\n\n**💥 Breaking changes**\n\n*Now* was the time to perform necessary cleanups that break the existing API/features.\nThe upgrade documentation covers these in more detail.\n\n* [#106] Views and URLs rework:\n\n * Removed the URL patterns ``accept//`` and ``decline//``.\n * Renamed the ``cookie_consent_accept_all`` view name to ``cookie_consent_accept``.\n * Renamed the ``cookie_consent_decline_all`` view name to ``cookie_consent_decline``.\n * Replaced the ``CookieGroupBaseProcessView.process`` method with the new\n ``CookiesProcessor`` utility class.\n * The views no longer take the cookie groups/cookie group varnames from the\n ``varname`` URL parameter - it has been removed.\n * The cookie accept/decline views are no longer ``csrf_exempt`` and require a CRSF\n token now.\n * The ``cookie_consent_accept_url`` and ``cookie_consent_decline_url`` template\n tags are removed due to the URL structure changes.\n * Removed the ``DELETE`` method support for the cookie group decline view.\n\n* [#108] Legacy cookiebar Javascript removal:\n\n * The legacy implementation is removed.\n * Removed the ``get_accept_cookie_groups_cookie_string``,\n ``get_decline_cookie_groups_cookie_string``, ``js_type_for_cookie_consent`` and\n ``accepted_cookies`` template tags due to being incompatible with template/view\n caching.\n\n* Dropped support for the end-of-life Django 5.1.\n\n**New features**\n\n* Confirmed support for Django 6.0.\n* Confirmed support for Python 3.14.\n* [#106] You can now use plain HTTP POST form semantics to submit the cookie groups to\n accept/decline.\n* Added static type annotations to the project and added the ``py.typed`` package marker.\n\n**Project maintenance**\n\n* Added django-upgrade to pre-commit hooks.\n* Converted more tests to pytest style and refactored accept/decline views.\n* Cleaned up/updated the documentation.\n* Renamed the master branch to main.\n* Switch the version management tool from tbump to bump-my-version.\n\n0.9.0 (2025-09-28)\n------------------\n\nMaintenance and bugfix release.\n\n**💥 Breaking changes**\n\n* Dropped support for Python 3.8 (end-of-life).\n* Dropped support for Python 3.9 (soon end-of-life).\n\n**New features**\n\n* [#114] You can now customize the redirect behaviour after accepting/declining cookies,\n using the new ``COOKIE_CONSENT_SUCCESS_URL`` setting.\n* The admin now displays a warning for cookie groups that have no cookies in them.\n\n**Bugfixes**\n\n* [#135] Make cookie parsing and serialization more robust.\n\n**Project maintenance**\n\n* Transferred the package from the jazzband Github organization to django-commons, and\n updated all community-related documents like the code of conduct.\n* Updated the package metadata to latest format.\n* Bumped minimum required setuptools version to build the package.\n* Replaced black and isort with Ruff for linting and code-formatting duties.\n* Improved the test suite.\n* The PyPI and NPM packages are now automatically published with Trusted Publishing,\n enhancing supply-chain security.\n\n0.8.0 (2025-05-30)\n------------------\n\nSmall feature release\n\n**New features**\n\n* The Javascript (package) now exports some more utilities (#126).\n\n**Project maintenance**\n\n* Fixed some test flakiness.\n\n0.7.0 (2025-04-26)\n------------------\n\nBugfix and Django supported versions release.\n\n**New features**\n\n* Confirmed Python 3.13 support.\n* Confirmed Django 5.1 and 5.2 support.\n\n**Project maintenance**\n\n* Fixed incorrect JS example in the documentation.\n* Removed Django 5.0 from CI pipeline (it still works, but Django 5.0 is end of life).\n* Upgraded esbuild for the Javascript module building.\n\n0.6.0 (2024-05-10)\n------------------\n\nFeature release with improved JS support.\n\n**💥 Breaking changes**\n\nSome (database) unique constraints have been added to the model fields. If you have\nduplicate values in those fields, the migrations will crash. You should check for\nduplicates before upgrading, and fix those:\n\n.. code-block:: py\n\n from django.db.models import Count\n from cookie_consent.models import CookieGroup, Cookie\n\n # duplicated cookie groups (by varname)\n CookieGroup.objects.values(\"varname\").annotate(n=Count(\"varname\")).filter(n__gt=1)\n # \n\n # duplicated cookies\n Cookie.objects.values(\"cookiegroup\", \"name\", \"domain\").annotate(n=Count(\"id\")).filter(n__gt=1)\n # \n\nAdditionally, support for unmaintained Django versions (3.2, 4.1) is dropped.\n\n**New features**\n\n* The JS for the cookiebar module is rewritten in TypeScript and published as an\n `npm package`_ for people wishing to integrate this functionality in their own\n frontend stack. ``cookie_consent/cookiebar.module.js`` is still in the Python package,\n and it's generated from the same source code.\n\n* Added support for natural keys in dumpdata/loaddata management commands.\n\n**Deprecations**\n\nNone.\n\n**Bugfixes**\n\n* Fixed cache not being cleared after queryset (bulk) update/deletes\n* Swapped the order of ``onShow`` and ``doInsert`` in the cookiebar JS. ``onShow`` is\n now called after the cookiebar is inserted into the document.\n* Added missing unique constraint to ``CookieGroup.varname`` field\n* Added missing unique constraint on ``Cookie`` fields ``cookiegroup``, ``name`` and\n ``domain``.\n\n**Project maintenance**\n\n* Add missing templatetag instruction to docs\n* Removed Django < 4.2 compatibility shims\n* Formatted code with latest black version\n* Dropped Django 3.2 & 4.1 from the supported versions\n* Removed unused dependencies\n* Bumped github actions to latest versions\n* Updated to modern packaging tooling with ``pyproject.toml``\n\n.. _npm package: https://www.npmjs.com/package/django-cookie-consent\n\n0.5.0b0 (2023-09-24)\n--------------------\n\nA django-cookie-consent version to test the new Javascript integration.\n\nYou can install this using:\n\n.. code-block:: bash\n\n pip install django-cookie-consent --pre\n\nThe new cookiebar JS uses a modern approach and should resolve issues with page caches\nand Content Security Policies. Please try it out and report any issues or suggestion on\nGithub!\n\n**Breaking changes**\n\nNone\n\n**New features**\n\n* Implemented ``cookie_consent/cookiebar.module.js`` as a new Javascript integration.\n Please review the updated documentation for usage instructions. (#15, #49, #99)\n\n**Deprecations**\n\nDeprecated functionality is scheduled for removal in django-cookie-consent 1.0.\n\n* Deprecated ``cookie_consent/cookiebar.js`` and added an alias ``legacyShowCookieBar``.\n Existing users are advised to upgrade to the new module approach, or at the very\n least substitute ``showCookieBar`` with ``window.legacyShowCookieBar`` to better keep\n track of this deprecation.\n\n* Deprecated template tags that build up cookie strings suitable for Javascript.\n\n**Bugfixes**\n\nNone\n\n**Project maintenance**\n\n* Extensively documented the new cookiebar JS usage.\n* Added Playwright for end-to-end testing (covers both the new and legacy cookie bar)\n* Removed unnecessary ``smart_str`` usage - thanks @some1ataplace\n* Test app and tests themselves are now excluded from coverage measuring for more a\n more accurate reflection of the coverage status.\n\n0.4.0 (2023-06-11)\n------------------\n\n.. note::\n\n The 0.4.0 release mainly has had a project management overhaul. The project has\n transferred to the Jazzband organization. This release mostly focuses on Python/Django\n version compatibility and organization of tests, CI etc.\n\n Many thanks for people who reported bugs, and especially, your patience for getting\n this release on PyPI.\n\n\n**Breaking changes**\n\n* Dropped support for Django 2.2, 3.0, 3.1 and 4.0\n* Dropped support for Python 3.6 and 3.7\n\nThese versions are (nearly) end-of-life and no longer supported by their upstream teams.\n\n**New features**\n\n* Implemented settings for cookie flags: SameSite, HttpOnly, Secure, domain (#27, #60,\n #36, #88)\n* Added Dutch translations\n\n**Bugfixes**\n\n* Cache instance resolution is now lazy (#41)\n* Fixed support for Django 4.1 (#73) - thanks @alahdal\n* Fixed default settings being bytestrings (#24, #55, #69)\n* Fixed the middleware to clean cookies (#13) - thanks @some1ataplace\n* Fixed bug in JS ``beforeDeclined`` attribute\n\n**Project maintenance**\n\n* Transferred project to Jazzband (#38, #64, #75)\n* Replaced Travis CI with Github Actions (#64, #75)\n* Set up correct test matrix for python/django versions (#75)\n* Code is now ``isort`` and ``black`` formatted (#75)\n* Set up ``tox`` and ``pytest`` for testing (#64, #75)\n* 'Removed' the example app - the ``testapp`` in the repository is still a good example\n* Configured tbump for the release flow\n* Confirmed support for Python 3.11 and Django 4.2\n* Added explicit template tag tests (#39)\n\n**Documentation**\n\nDid some initial restructuring to make the docs easier to digest, more to come.\n\n* Added documentation on how to contribute\n* Corrected settings documentation (#53, #14)\n* Documented ``cookiebar.js`` usage (#90) - thanks @MrCordeiro\n* Added better contributor documentation and example app documentation based on the\n ``testapp`` in the repository.\n\n0.3.1 (2022-02-17)\n------------------\n\n- Protect against open redirect after accepting cookies (#48)\n\n\n0.3.0 (2021-12-08)\n------------------\n\n* support ranges from django 2.2 to 4.0 and python 3.6 to 3.9\n\n\n0.2.6 (2020-06-17)\n------------------\n\n* fix: setup for python 2.7\n\n\n0.2.5 (2020-06-17)\n------------------\n\n* chore: add package descriptions\n\n\n0.2.4 (2020-06-17)\n------------------\n\n* Cookie Bar Choosing Decline Not Disappearing Right Away (#22)\n\n* 📦 NEW: pt_BR (#23)\n\n0.2.3 (2020-06-15)\n------------------\n\n* Update package classifiers\n\n\n0.2.2 (2020-06-15)\n------------------\n\n* 8732949 Remove jquery (#20)\n\n\n0.2.1 (2020-06-02)\n------------------\n\n* fix: Set max version for django-appconf (#18)\n\n* fix: Views ignore 'next' url parameter (#12)\n\n* Update configuration.rst\n\n\n0.2.0 (2020-02-11)\n------------------\n\n* support ranges from django 1.9 to 3.0 and python 2.7 to 3.7 (JonHerr)\n\n0.1.1\n-----\n\n* tweak admin\n\n* Add accepted_cookies template filter\n\n* Add varname property to Cookie model\n\n* Add translation catalog\n\n0.1.0\n-----\n\n* Initial release\n" }, { "path": "docs/check_sphinx.py", "content": "import subprocess\n\n\ndef test_linkcheck(tmpdir):\n doctrees = tmpdir.join(\"doctrees\")\n htmldir = tmpdir.join(\"html\")\n subprocess.check_call(\n [\"sphinx-build\", \"-W\", \"-blinkcheck\", \"-d\", str(doctrees), \".\", str(htmldir)],\n )\n\n\ndef test_build_docs(tmpdir):\n doctrees = tmpdir.join(\"doctrees\")\n htmldir = tmpdir.join(\"html\")\n subprocess.check_call(\n [\"sphinx-build\", \"-W\", \"-bhtml\", \"-d\", str(doctrees), \".\", str(htmldir)],\n )\n" }, { "path": "docs/concept.rst", "content": "=============\nMain concepts\n=============\n\nCookie Group\n------------\n\nThe :class:`CookieGroup ` model represents a group\nof related cookies. Cookie groups can be either required or not. Users can accept or\ndecline the use of the cookies in the non-required cookie groups.\n\nVersions\n^^^^^^^^\n\nEach cookie group has a \"current version\" set to the timestamp of the last added\nCookie in it. When a user accepts a cookie group, the current version (at the time of\nconsent) is :ref:`saved `.\n\nVersions allow django-cookie-consent to check if new cookies have been introduced after\nthe user has given consent for a cookie group, so that they can be prompted again to\naccept the new cookie(s).\n\nImportant attributes:\n^^^^^^^^^^^^^^^^^^^^^\n\n``varname``\n The variable name that acts as unique identifier for the cookie group. You can use\n the value in template tags and filters to refer to a particular cookie group.\n\n``is_required``\n Required cookies are never deleted and users cannot accept or decline them. For\n example, Django's default ``sessionid`` and ``csrftoken`` cookies are required for\n the correct functioning of your project. Without these cookies, the website will not\n work properly - so users can't opt-out.\n\n``is_deletable``\n If a cookie group is marked as deletable, django-cookie-consent will try to delete\n the cookies in this group when the user declines the group, or through the\n :class:`cookie_consent.middleware.CleanCookiesMiddleware`.\n\nCookie\n------\n\nThe :class:`Cookie` model represents as single cookie.\n\n.. admonition:: Domain and path\n :collapsible: closed\n\n The ``domain`` and ``path`` fields are important to be able to delete the\n cookies programmatically. Keep in mind that only cookies of your own domain can\n be deleted.\n\n.. _concept_storing_consent:\n\nSaving user selection\n---------------------\n\nA bit ironically, django-cookie-consent uses a cookie itself to store the user consent.\nBy default, the name ``cookie_consent`` is used.\n\nAn example value of such a cookie could be:\n\n.. code-block:: none\n\n optional=-1|social=2013-06-04T03:17:01.421395Z\n\nThe meaning of this is:\n\n* the user declined the cookie group with varname ``optional``\n* the user accepted the cookie group with varname ``social``, and specifically only the\n cookies that were created before the stated timestamp\n\nCaching\n-------\n\ndjango-cookie-consent keeps the non-required cookie groups and cookies in cache, to\navoid hitting the database for each request. By default, the ``default`` Django cache\nis used. You can modify this, see :ref:`settings`.\n\n.. note:: Django's default cache is a local-memory cache. Cache invalidation in one\n wsgi-server process will not propagate to other instances/processes, so you can\n temporarily see inconsistent results. It's recommended to use a shared cache like\n Redis/Valkey or Memcache.\n" }, { "path": "docs/conf.py", "content": "import os\nimport sys\nfrom pathlib import Path\n\nimport django\n\n# If extensions (or modules to document with autodoc) are in another directory,\n# add these directories to sys.path here. If the directory is relative to the\n# documentation root, use os.path.abspath to make it absolute, like shown here.\nroot_dir = Path(__file__).parent.parent.resolve()\nsys.path.insert(0, str(root_dir))\nos.environ.setdefault(\"DJANGO_SETTINGS_MODULE\", \"testapp.settings\")\n\ndjango.setup()\n\nfrom cookie_consent import __version__ # noqa: E402\n\n# -- General configuration -----------------------------------------------------\n\n# If your documentation needs a minimal Sphinx version, state it here.\n# needs_sphinx = '1.0'\n\n# Add any Sphinx extension module names here, as strings. They can be extensions\n# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.\nextensions = [\"sphinx.ext.autodoc\"]\n\n# Add any paths that contain templates here, relative to this directory.\ntemplates_path = [\"_templates\"]\n\n# The suffix of source filenames.\nsource_suffix = \".rst\"\n\n# The encoding of source files.\n# source_encoding = 'utf-8-sig'\n\n# The master toctree document.\nmaster_doc = \"index\"\n\n# General information about the project.\nproject = \"django-cookie-consent\"\ncopyright = \"2013, Bojan Mihelac\"\n\nrelease = __version__\n\n# The language for content autogenerated by Sphinx. Refer to documentation\n# for a list of supported languages.\n# language = None\n\n# There are two options for replacing |today|: either, you set today to some\n# non-false value, then it is used:\n# today = ''\n# Else, today_fmt is used as the format for a strftime call.\n# today_fmt = '%B %d, %Y'\n\n# List of patterns, relative to source directory, that match files and\n# directories to ignore when looking for source files.\nexclude_patterns = [\"_build\"]\n\n# The reST default role (used for this markup: `text`) to use for all documents.\n# default_role = None\n\n# If true, '()' will be appended to :func: etc. cross-reference text.\n# add_function_parentheses = True\n\n# If true, the current module name will be prepended to all description\n# unit titles (such as .. function::).\n# add_module_names = True\n\n# If true, sectionauthor and moduleauthor directives will be shown in the\n# output. They are ignored by default.\n# show_authors = False\n\n# The name of the Pygments (syntax highlighting) style to use.\npygments_style = \"sphinx\"\n\n# A list of ignored prefixes for module index sorting.\n# modindex_common_prefix = []\n\n\n# -- Options for HTML output ---------------------------------------------------\n\n# The theme to use for HTML and HTML Help pages. See the documentation for\n# a list of builtin themes.\nhtml_theme = \"sphinx_rtd_theme\"\n\n# Theme options are theme-specific and customize the look and feel of a theme\n# further. For a list of options available for each theme, see the\n# documentation.\n# html_theme_options = {}\n\n# Add any paths that contain custom themes here, relative to this directory.\n# html_theme_path = []\n\n# The name for this set of Sphinx documents. If None, it defaults to\n# \" v documentation\".\n# html_title = None\n\n# A shorter title for the navigation bar. Default is the same as html_title.\n# html_short_title = None\n\n# The name of an image file (relative to this directory) to place at the top\n# of the sidebar.\n# html_logo = None\n\n# The name of an image file (within the static path) to use as favicon of the\n# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32\n# pixels large.\n# html_favicon = None\n\n# Add any paths that contain custom static files (such as style sheets) here,\n# relative to this directory. They are copied after the builtin static files,\n# so a file named \"default.css\" will overwrite the builtin \"default.css\".\nhtml_static_path = []\n\n# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,\n# using the given strftime format.\n# html_last_updated_fmt = '%b %d, %Y'\n\n# If true, SmartyPants will be used to convert quotes and dashes to\n# typographically correct entities.\n# html_use_smartypants = True\n\n# Custom sidebar templates, maps document names to template names.\n# html_sidebars = {}\n\n# Additional templates that should be rendered to pages, maps page names to\n# template names.\n# html_additional_pages = {}\n\n# If false, no module index is generated.\n# html_domain_indices = True\n\n# If false, no index is generated.\n# html_use_index = True\n\n# If true, the index is split into individual pages for each letter.\n# html_split_index = False\n\n# If true, links to the reST sources are added to the pages.\n# html_show_sourcelink = True\n\n# If true, \"Created using Sphinx\" is shown in the HTML footer. Default is True.\n# html_show_sphinx = True\n\n# If true, \"(C) Copyright ...\" is shown in the HTML footer. Default is True.\n# html_show_copyright = True\n\n# If true, an OpenSearch description file will be output, and all pages will\n# contain a tag referring to it. The value of this option must be the\n# base URL from which the finished HTML is served.\n# html_use_opensearch = ''\n\n# This is the file name suffix for HTML files (e.g. \".xhtml\").\n# html_file_suffix = None\n\n# Output file base name for HTML help builder.\nhtmlhelp_basename = \"django-cookie-consent\"\n\n\n# -- Options for LaTeX output --------------------------------------------------\n\n# The paper size ('letter' or 'a4').\n# latex_paper_size = 'letter'\n\n# The font size ('10pt', '11pt' or '12pt').\n# latex_font_size = '10pt'\n\n# Grouping the document tree into LaTeX files. List of tuples\n# (source start file, target name, title, author, documentclass [howto/manual]).\nlatex_documents = [\n (\n \"index\",\n \"django-cookie-consent.tex\",\n \"django-cookie-consent Documentation\",\n \"Bojan Mihelac\",\n \"manual\",\n ),\n]\n\n# The name of an image file (relative to this directory) to place at the top of\n# the title page.\n# latex_logo = None\n\n# For \"manual\" documents, if this is true, then toplevel headings are parts,\n# not chapters.\n# latex_use_parts = False\n\n# If true, show page references after internal links.\n# latex_show_pagerefs = False\n\n# If true, show URL addresses after external links.\n# latex_show_urls = False\n\n# Additional stuff for the LaTeX preamble.\n# latex_preamble = ''\n\n# Documents to append as an appendix to all manuals.\n# latex_appendices = []\n\n# If false, no module index is generated.\n# latex_domain_indices = True\n\n\n# -- Options for manual page output --------------------------------------------\n\n# One entry per manual page. List of tuples\n# (source start file, name, description, authors, manual section).\nman_pages = [\n (\n \"index\",\n \"django-cookie-consent\",\n \"django-cookie-consent Documentation\",\n [\"Bojan Mihelac\"],\n 1,\n )\n]\n\n# If true, show URL addresses after external links.\n# man_show_urls = False\n\n# -- Options for Texinfo output ------------------------------------------------\n\n# Grouping the document tree into Texinfo files. List of tuples\n# (source start file, target name, title, author,\n# dir menu entry, description, category)\ntexinfo_documents = [\n (\n \"index\",\n \"django-cookie-consent\",\n \"django-cookie-consent Documentation\",\n \"Bojan Mihelac\",\n \"django-cookie-consent\",\n \"\",\n \"Miscellaneous\",\n ),\n]\n\n# Documents to append as an appendix to all manuals.\ntexinfo_appendices = []\n\nlinkcheck_ignore = [\n r\"https://(www\\.)?npmjs\\.com.*\", # IP/UA blocking...\n]\n" }, { "path": "docs/contributing.rst", "content": ".. _contributing:\n\n=============\nContributing\n=============\n\n.. include:: ../CONTRIBUTING.rst\n" }, { "path": "docs/example_app.rst", "content": "===========\nExample app\n===========\n\nThe ``testapp`` project is both an example of how you could use this library and serves\nas the reference for our test suite.\n\nRunning the testapp\n-------------------\n\nThe testapp is essentially a standard django project, however there is no ``manage.py``\nfile. Instead, you have to use the ``django-admin`` command (``manage.py`` is only\na wrapper around this anyway).\n\n#. First, clone the repository to get all the necessary files:\n\n .. code-block:: bash\n\n git clone https://github.com/django-commons/django-cookie-consent.git\n cd django-cookie-consent\n\n#. Create a virtual environment for the project, using any supported Python version\n (3.10+) and activate it\n\n .. code-block:: bash\n\n python3.12 -m venv ./env\n source ./env/bin/activate\n\n#. Install the application and dependencies\n\n .. code-block:: bash\n\n pip install .\n\n#. Prepare your settings and local project instance\n\n .. code-block:: bash\n\n export DJANGO_SETTINGS_MODULE=testapp.settings PYTHONPATH=.\n django-admin migrate\n django-admin loaddata testapp/fixture.json\n django-admin createsuperuser\n\n#. Start the development server\n\n .. code-block:: bash\n\n django-admin runserver\n\nYou can now navigate to ``http://127.0.0.1:8000`` and ``http://127.0.0.1:8000/admin/``.\n" }, { "path": "docs/index.rst", "content": "=====================\nDjango cookie consent\n=====================\n\nManage cookie information and let visitors give or reject consent for them.\n\n|build-status| |code-quality| |ruff| |coverage| |docs|\n\n|python-versions| |django-versions| |pypi-version|\n\nFeatures\n========\n\n* cookies and cookie groups are stored in models for easy management\n through Django admin interface\n* support for both opt-in and opt-out cookie consent schemes\n* removing declined cookies (or non accepted when opt-in scheme is used)\n* logging user actions when they accept and decline various cookies\n* easy adding new cookies and seamlessly re-asking for consent for new cookies\n\nYou can find the source code and development progress on https://github.com/django-commons/django-cookie-consent/.\n\nUser Guide\n----------\n\n.. toctree::\n :maxdepth: 2\n\n quickstart\n concept\n usage\n javascript\n settings\n example_app\n reference/index\n contributing\n migrating-1.0\n changelog\n\nIndices and tables\n==================\n\n* :ref:`genindex`\n* :ref:`modindex`\n* :ref:`search`\n\n.. |build-status| image:: https://github.com/django-commons/django-cookie-consent/workflows/Run%20CI/badge.svg\n :alt: Build status\n :target: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Run+CI%22\n\n.. |code-quality| image:: https://github.com/django-commons/django-cookie-consent/workflows/Code%20quality%20checks/badge.svg\n :alt: Code quality checks\n :target: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Code+quality+checks%22\n\n.. |ruff| image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n\n.. |coverage| image:: https://codecov.io/gh/django-commons/django-cookie-consent/branch/main/graph/badge.svg\n :target: https://codecov.io/gh/django-commons/django-cookie-consent\n :alt: Coverage status\n\n.. |docs| image:: https://readthedocs.org/projects/django-cookie-consent/badge/?version=latest\n :target: https://django-cookie-consent.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Status\n\n.. |python-versions| image:: https://img.shields.io/pypi/pyversions/django-cookie-consent.svg\n\n.. |django-versions| image:: https://img.shields.io/pypi/djversions/django-cookie-consent.svg\n\n.. |pypi-version| image:: https://img.shields.io/pypi/v/django-cookie-consent.svg\n :target: https://pypi.org/project/django-cookie-consent/\n" }, { "path": "docs/javascript.rst", "content": ".. _javascript:\n\n======================\nJavascript integration\n======================\n\nCookie consent supports \"classic\" pages where you submit the accept/decline form and\nthen it performs a full page reload. This strategy is simple and straight-forward, as\nany dynamic scripts tied to the cookie groups are then automatically initialized.\n\nHowever, this does not lead to the best user-experience. Consider a user filling out a\nlong form and half-way they decide to get rid of the \"annoying cookie bar\". Either\naccepting or declining will make them lose their changes, providing a frustrating\nexperience.\n\nUsing the scripts we ship, you can provide a better user experience, at the cost of\nmore development work.\n\n.. _showcookiebar_getting_started:\n\nGetting started\n===============\n\nRequirements\n------------\n\nThe new script is designed for modern Javascript and modern browsers. It should also\nintegrate with JS tooling like Webpack/Rollup/ESBuild... but we are not actively testing\nthis. Please let us know via Github issues what your issues and/or wishes are!\n\nAs such, the target browsers must support:\n\n* `` tag #}\n\n**Include a script that calls the showCookieBar function**\n\nThe most straight-forward way is to include this in your Django template:\n\n.. code-block:: django\n\n {% load static cookie_consent_tags %}\n {% static \"cookie_consent/cookiebar.module.js\" as cookiebar_src %}\n {% url 'cookie_consent_status' as status_url %}\n \n\nYou call the function with the necessary options, and on page-load the cookie bar will\nbe properly initialized.\n\nThe ``status_url`` is special - it points to a backend view which returns the\nuser-specific cookie consent status, returning the appropriate accept and decline URLs\nand other details relevant to cookie consent.\n\n.. note::\n\n If you prefer the include the cookiebar module in your own Javascript entrypoint,\n the easiest way is to install our `published package`_.\n\n This package should work with TypeScript, Webpack, ESBuild, Vite... and other popular\n bundlers and toolchains.\n\n Just be careful to install the same (minor) version as the backend package to avoid\n weird bugs.\n\n.. _published package: hhttps://www.npmjs.com/package/django-cookie-consent\n\nOptions\n=======\n\nThe ``showCookieBar`` function takes a few required options and many optional options to\ntweak the behaviour to your wishes.\n\n**Required options**\n\n* ``statusUrl``: URL to the ``CookieStatusView`` - essential to determine the\n accept/decline URLs and CSRF token. Use ``{% url 'cookie_consent_status' as status_url %}``\n for the correct value, irrespective of your urlconf.\n\n**Recommended options**\n\nThese options have default values, but to prevent surprises and maximum flexibility, you\nshould provide them. Please check the source code for their default values.\n\n* ``templateSelector`` - CSS selector to find the template element of the cookie bar.\n This element will be cloned and ultimately added to the page.\n\n* ``cookieGroupsSelector`` - CSS selector to the element produced by\n ``{% all_cookie_groups 'cookie-consent__cookie-groups' %}``. This provides all\n configured cookie groups in a JSON script tag and is read by ``showCookieBar`` to\n determine if a bar should be shown at all (e.g. if there are no cookie groups,\n nothing is done).\n\n* ``acceptSelector`` - CSS selector to the element to accept all cookies. A ``click``\n event listener is bound to this element to register the cookies accept action.\n\n* ``declineSelector`` - CSS selector to the element to decline all cookies. A ``click``\n event listener is bound to this element to register the cookies decline action.\n\n**Optional**\n\n* ``insertBefore`` - A CSS selector, DOM node or ``null``. If provided, the cookie bar\n is prepended before this node, otherwise it is appended to the body element.\n\n* ``onShow`` - an optional callback function, called right before the cookie bar is\n added to the document.\n\n* ``onAccept`` - an optional callback, called when the \"cookies accept\" element is\n clicked and when the cookie status is initially loaded. It receives the list of\n all cookie groups that are (now) accepted and the click event (if there was one).\n\n* ``onDecline`` - an optional callback, called when the \"cookies decline\" element is\n clicked and when the cookie status is initially loaded. It receives the list of\n all cookie groups that are (now) declined and the click event (if there was one).\n\n* ``csrfHeaderName`` - HTTP header name for the CSRF Token. Defaults to Django's default\n value, so if you have a non-default ``settings.CSRF_HEADER_NAME``, you must provide\n this.\n\n.. _javascript_enable_scripts:\n\nEnabling other scripts after cookies were accepted\n==================================================\n\nThe legacy version of ``showCookieBar`` supported emitting scripts with a custom type\nin the Django templates, which where then changed to ``type=\"text/javascript\"`` to make\nthem execute without a full page reload. The new version does not support this out of\nthe box, as it may interfere with page caches, Content Security Policies and was poorly\ndocumented.\n\nWe recommend hooking into the ``onAccept`` and ``onDecline`` hooks to perform these\nactions.\n\nE.g. in the django template:\n\n.. code-block:: django\n\n \n\nand the Javascript function:\n\n.. code-block:: javascript\n\n function onAccept(cookieGroups) {\n const analyticsEnabled = cookieGroups.find(group => group.varname === 'analytics') != undefined;\n if (analyticsEnabled) {\n const template = document.getElementById('analytics-scripts').content;\n const analyticsScripts = templateNode.content.cloneNode(true);\n document.body.appendChild(analyticsScripts);\n }\n }\n\nPassing this ``onAccept`` callback then adds the scripts after the user accepted the\ncookies, causing them to execute. This way, there's no reliance on ``unsafe-eval``.\n\n.. _javascript_design_considerations:\n\nConsiderations and design decisions made for the JS integration\n===============================================================\n\nWe realize there is quite a bit of work to do to use this functionality. We've aimed for\na trade-off where the simple things are easy to do and the complex set-ups are\nachievable.\n\nThe :ref:`showcookiebar_getting_started` section should be close to plug-and-play by\nintegrating well with Django's static files. Especially on modern browsers, we intend\nto have a working solution without intricate Javascript knowledge.\n\nFor more advanced Javascript usage/developers, we expose hooks and options to tap into\nthe life-cycle. The code may also serve as a reference for your own implementation.\n\nHttpOnly and CSRF\n-----------------\n\nThe cookie-consent cookie itself can safely be set to ``HttpOnly`` so it cannot be\ntampered with (or even read) from Javascript. This follows security best practices. The\nnew script no longer touches ``document.cookie``.\n\nAccepting and declining cookies must be CSRF-protected and use ``POST`` requests. This\nworks out of the box with the async calls we make - the status endpoint provides the\nCSRF token to the Javascript so that it can include this via an HTTP header.\n\nThis means that you can mark your CSRF cookies ``HttpOnly`` in Django.\n\nContent Security Policy (CSP)\n-----------------------------\n\nContent Security Policies aim to lock down which scripts, styles... can run in the\nbrowser. They are a good tool in helping prevent Cross-Site-Scripting attacks, by\nspecifying from which sources scripts are allowed to run and usually by blocking\n``eval`` (which should be the bare minimum of what you block).\n\nThe new scripts play well with this - you can include your analytics scripts inside\n``