Mercurial Mercurial > pub > hg > cubicweb / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/views/sessions.py
author Sylvain <syt@logilab.fr>
Wed, 11 Feb 2009 17:54:55 +0100
changeset 599 9ef680acd92a
parent 0 b97547f5f1fa
child 1133 8a409ea0c9ec
permissions -rw-r--r--
fix select principal so results are predictable during tests
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset 
     1
 
"""web session component: by dfault the session is actually the db connection
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset 
     2
 
object :/
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset 
     3
 












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




     4


:organization: Logilab












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




     5


:copyright: 2001-2008 LOGILAB S.A. (Paris, FRANCE), all rights reserved.












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




     6


:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




     7


"""












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




     8


__docformat__ = "restructuredtext en"












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




     9














b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    10


from cubicweb.web import ExplicitLogin, InvalidSession












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    11


from cubicweb.web.application import AbstractSessionManager












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    12














b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    13














b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    14


class InMemoryRepositorySessionManager(AbstractSessionManager):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    15


    """manage session data associated to a session identifier"""












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    16


    












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    17


    def __init__(self):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    18


        AbstractSessionManager.__init__(self)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    19


        # XXX require a RepositoryAuthenticationManager which violates












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    20


        #     authenticate interface by returning a session instead of a user












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    21


        #assert isinstance(self.authmanager, RepositoryAuthenticationManager)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    22


        self._sessions = {}












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    23














b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    24


    def current_sessions(self):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    25


        return self._sessions.values()












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    26


    












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    27


    def get_session(self, req, sessionid):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    28


        """return existing session for the given session identifier"""












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    29


        if not sessionid in self._sessions:












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    30


            raise InvalidSession()












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    31


        session = self._sessions[sessionid]












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    32


        if self.has_expired(session):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    33


            self.close_session(session)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    34


            raise InvalidSession()












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    35


        # give an opportunity to auth manager to hijack the session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    36


        # (necessary with the RepositoryAuthenticationManager in case












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    37


        #  the connection to the repository has expired)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    38


        try:












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    39


            session = self.authmanager.validate_session(req, session)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    40


            # necessary in case session has been hijacked












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    41


            self._sessions[session.sessionid] = session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    42


        except InvalidSession:












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    43


            # invalid session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    44


            del self._sessions[sessionid]












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    45


            raise












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    46


        return session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    47














b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    48


    def open_session(self, req):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    49


        """open and return a new session for the given request












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    50


        












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    51


        :raise ExplicitLogin: if authentication is required












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    52


        """












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    53


        session = self.authmanager.authenticate(req)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    54


        self._sessions[session.sessionid] = session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    55


        return session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    56


    












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    57


    def close_session(self, session):












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    58


        """close session on logout or on invalid session detected (expired out,












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    59


        corrupted...)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    60


        """












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    61


        self.info('closing http session %s' % session)












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    62


        del self._sessions[session.sessionid]












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    63


        try:












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    64


            session.close()












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    65


        except:












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    66


            # already closed, may occurs if the repository session expired but












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    67


            # not the web session












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    68


            pass












b97547f5f1fa
Showtime !



Adrien Di Mascio <Adrien.DiMascio@logilab.fr>


parents: 

diff
changeset




    69


    














cubicweb