author | Aurelien Campeas <aurelien.campeas@logilab.fr> |
Thu, 15 Apr 2010 10:59:49 +0200 | |
branch | stable |
changeset 5267 | 7bac6791bbc2 |
parent 5080 | cfc7c2b24f9e |
child 5223 | 6abd6e3599f4 |
child 5421 | 8167de96c523 |
permissions | -rw-r--r-- |
0 | 1 |
"""web session component: by dfault the session is actually the db connection |
2 |
object :/ |
|
3 |
||
4 |
:organization: Logilab |
|
4212
ab6573088b4a
update copyright: welcome 2010
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2706
diff
changeset
|
5 |
:copyright: 2001-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2. |
0 | 6 |
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr |
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1802
diff
changeset
|
7 |
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses |
0 | 8 |
""" |
9 |
__docformat__ = "restructuredtext en" |
|
10 |
||
1133 | 11 |
from cubicweb.web import InvalidSession |
0 | 12 |
from cubicweb.web.application import AbstractSessionManager |
13 |
||
14 |
||
15 |
class InMemoryRepositorySessionManager(AbstractSessionManager): |
|
16 |
"""manage session data associated to a session identifier""" |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
17 |
|
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2706
diff
changeset
|
18 |
def __init__(self, *args, **kwargs): |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2706
diff
changeset
|
19 |
AbstractSessionManager.__init__(self, *args, **kwargs) |
0 | 20 |
# XXX require a RepositoryAuthenticationManager which violates |
21 |
# authenticate interface by returning a session instead of a user |
|
22 |
#assert isinstance(self.authmanager, RepositoryAuthenticationManager) |
|
23 |
self._sessions = {} |
|
24 |
||
5080
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
25 |
# dump_data / restore_data to avoid loosing open sessions on registry |
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
26 |
# reloading |
2706
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
27 |
def dump_data(self): |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
28 |
return self._sessions |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
29 |
def restore_data(self, data): |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
30 |
self._sessions = data |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
31 |
|
0 | 32 |
def current_sessions(self): |
33 |
return self._sessions.values() |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
34 |
|
0 | 35 |
def get_session(self, req, sessionid): |
36 |
"""return existing session for the given session identifier""" |
|
37 |
if not sessionid in self._sessions: |
|
38 |
raise InvalidSession() |
|
39 |
session = self._sessions[sessionid] |
|
40 |
if self.has_expired(session): |
|
41 |
self.close_session(session) |
|
42 |
raise InvalidSession() |
|
5080
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
43 |
# give an opportunity to auth manager to hijack the session (necessary |
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
44 |
# with the RepositoryAuthenticationManager in case the connection to the |
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
45 |
# repository has expired) |
0 | 46 |
try: |
47 |
session = self.authmanager.validate_session(req, session) |
|
48 |
# necessary in case session has been hijacked |
|
49 |
self._sessions[session.sessionid] = session |
|
50 |
except InvalidSession: |
|
51 |
# invalid session |
|
52 |
del self._sessions[sessionid] |
|
53 |
raise |
|
54 |
return session |
|
55 |
||
56 |
def open_session(self, req): |
|
57 |
"""open and return a new session for the given request |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
58 |
|
0 | 59 |
:raise ExplicitLogin: if authentication is required |
60 |
""" |
|
61 |
session = self.authmanager.authenticate(req) |
|
62 |
self._sessions[session.sessionid] = session |
|
63 |
return session |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
64 |
|
0 | 65 |
def close_session(self, session): |
66 |
"""close session on logout or on invalid session detected (expired out, |
|
67 |
corrupted...) |
|
68 |
""" |
|
69 |
self.info('closing http session %s' % session) |
|
70 |
del self._sessions[session.sessionid] |
|
71 |
try: |
|
72 |
session.close() |
|
73 |
except: |
|
74 |
# already closed, may occurs if the repository session expired but |
|
75 |
# not the web session |
|
76 |
pass |