cubicweb: web/views/sessions.py@5467674ad101 (annotated)

0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	1	"""web session component: by dfault the session is actually the db connection
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	2	object :/
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	3
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	4	:organization: Logilab
4212 ab6573088b4a update copyright: welcome 2010 Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 2706 diff changeset	5	:copyright: 2001-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	6	:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
1977 606923dff11b big bunch of copyright / docstring update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1802 diff changeset	7	:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	8	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	9	__docformat__ = "restructuredtext en"
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	10
1133 8a409ea0c9ec more linting sylvain.thenault@logilab.fr parents: 0 diff changeset	11	from cubicweb.web import InvalidSession
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	12	from cubicweb.web.application import AbstractSessionManager
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	13	from cubicweb.dbapi import DBAPISession
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	14
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	15
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	16	class InMemoryRepositorySessionManager(AbstractSessionManager):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	17	"""manage session data associated to a session identifier"""
1802 d628defebc17 delete-trailing-whitespace + some copyright update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1133 diff changeset	18
2887 1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2706 diff changeset	19	def __init__(self, args, *kwargs):
1282dc6525c5 give vreg where we need it (eg no bound request) Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 2706 diff changeset	20	AbstractSessionManager.__init__(self, args, *kwargs)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	21	# XXX require a RepositoryAuthenticationManager which violates
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	22	# authenticate interface by returning a session instead of a user
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	23	#assert isinstance(self.authmanager, RepositoryAuthenticationManager)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	24	self._sessions = {}
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	25
5080 cfc7c2b24f9e [cleanup] some notes Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4252 diff changeset	26	# dump_data / restore_data to avoid loosing open sessions on registry
cfc7c2b24f9e [cleanup] some notes Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 4252 diff changeset	27	# reloading
2706 09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	28	def dump_data(self):
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	29	return self._sessions
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	30	def restore_data(self, data):
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	31	self._sessions = data
09baf5175196 [web session] proper reloading of the session manager on vreg update Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 1977 diff changeset	32
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	33	def current_sessions(self):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	34	return self._sessions.values()
1802 d628defebc17 delete-trailing-whitespace + some copyright update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1133 diff changeset	35
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	36	def get_session(self, req, sessionid):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	37	"""return existing session for the given session identifier"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	38	if not sessionid in self._sessions:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	39	raise InvalidSession()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	40	session = self._sessions[sessionid]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	41	if self.has_expired(session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	42	self.close_session(session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	43	raise InvalidSession()
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	44	try:
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	45	user = self.authmanager.validate_session(req, session)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	46	except InvalidSession:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	47	# invalid session
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	48	self.close_session(session)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	49	raise
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	50	# associate the connection to the current request
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	51	req.set_session(session, user)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	52	return session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	53
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	54	def open_session(self, req):
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	55	"""open and return a new session for the given request. The session is
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	56	also bound to the request.
1802 d628defebc17 delete-trailing-whitespace + some copyright update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1133 diff changeset	57
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	58	raise :exc:`cubicweb.AuthenticationError` if authentication failed
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	59	(no authentication info found or wrong user/password)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	60	"""
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	61	cnx, login, authinfo = self.authmanager.authenticate(req)
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	62	session = DBAPISession(cnx, login, authinfo)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	63	self._sessions[session.sessionid] = session
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	64	# associate the connection to the current request
6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	65	req.set_session(session)
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	66	return session
1802 d628defebc17 delete-trailing-whitespace + some copyright update Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: 1133 diff changeset	67
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	68	def close_session(self, session):
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	69	"""close session on logout or on invalid session detected (expired out,
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	70	corrupted...)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	71	"""
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	72	self.info('closing http session %s' % session)
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	73	del self._sessions[session.sessionid]
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	74	try:
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	75	session.cnx.close()
0 b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	76	except:
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	77	# already closed, may occurs if the repository session expired but
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	78	# not the web session
b97547f5f1fa Showtime ! Adrien Di Mascio <Adrien.DiMascio@logilab.fr> parents: diff changeset	79	pass
5223 6abd6e3599f4 #773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query. Sylvain Thénault <sylvain.thenault@logilab.fr> parents: 5080 diff changeset	80	session.cnx = None

author	Sylvain Thénault <sylvain.thenault@logilab.fr>
	Wed, 14 Apr 2010 10:29:38 +0200
changeset 5244	5467674ad101
parent 5223	6abd6e3599f4
child 5423	e15abfdcce38
permissions	-rw-r--r--