author | Sylvain Thénault <sylvain.thenault@logilab.fr> |
Tue, 01 Apr 2014 10:26:37 +0200 | |
changeset 9637 | c6132d36e55d |
parent 9624 | a42fae4cd45a |
child 10331 | 6f25c7e4f19b |
permissions | -rw-r--r-- |
8544
3d049071957e
massive copyright update to avoid clutering later patches
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8311
diff
changeset
|
1 |
# copyright 2003-2012 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
5421
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
2 |
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
3 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
4 |
# This file is part of CubicWeb. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
5 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
6 |
# CubicWeb is free software: you can redistribute it and/or modify it under the |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
7 |
# terms of the GNU Lesser General Public License as published by the Free |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
8 |
# Software Foundation, either version 2.1 of the License, or (at your option) |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
9 |
# any later version. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
10 |
# |
5424
8ecbcbff9777
replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5421
diff
changeset
|
11 |
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT |
5421
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
12 |
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
13 |
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
14 |
# details. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
15 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
16 |
# You should have received a copy of the GNU Lesser General Public License along |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
17 |
# with CubicWeb. If not, see <http://www.gnu.org/licenses/>. |
0 | 18 |
"""web session component: by dfault the session is actually the db connection |
19 |
object :/ |
|
6240 | 20 |
""" |
0 | 21 |
|
22 |
__docformat__ = "restructuredtext en" |
|
23 |
||
9573
99166335a8e0
Move setting session.mtime from dbapi to web session manager
Julien Cristau <julien.cristau@logilab.fr>
parents:
9543
diff
changeset
|
24 |
from time import time |
99166335a8e0
Move setting session.mtime from dbapi to web session manager
Julien Cristau <julien.cristau@logilab.fr>
parents:
9543
diff
changeset
|
25 |
|
7817
cb6174065c39
[test] fix test broken by 7815:2a164a9cf81c
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7815
diff
changeset
|
26 |
from cubicweb import (RepositoryError, Unauthorized, AuthenticationError, |
cb6174065c39
[test] fix test broken by 7815:2a164a9cf81c
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7815
diff
changeset
|
27 |
BadConnectionId) |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
28 |
from cubicweb.web import InvalidSession, Redirect |
0 | 29 |
from cubicweb.web.application import AbstractSessionManager |
7909
71c70bf482cf
[web session] ProgrammingError may be raised, we should catch it (closes #1980076)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7854
diff
changeset
|
30 |
from cubicweb.dbapi import ProgrammingError, DBAPISession |
9071
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
31 |
from cubicweb import repoapi |
0 | 32 |
|
33 |
||
34 |
class InMemoryRepositorySessionManager(AbstractSessionManager): |
|
35 |
"""manage session data associated to a session identifier""" |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
36 |
|
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2706
diff
changeset
|
37 |
def __init__(self, *args, **kwargs): |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2706
diff
changeset
|
38 |
AbstractSessionManager.__init__(self, *args, **kwargs) |
0 | 39 |
# XXX require a RepositoryAuthenticationManager which violates |
40 |
# authenticate interface by returning a session instead of a user |
|
41 |
#assert isinstance(self.authmanager, RepositoryAuthenticationManager) |
|
42 |
self._sessions = {} |
|
43 |
||
5080
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
44 |
# dump_data / restore_data to avoid loosing open sessions on registry |
cfc7c2b24f9e
[cleanup] some notes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4252
diff
changeset
|
45 |
# reloading |
2706
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
46 |
def dump_data(self): |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
47 |
return self._sessions |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
48 |
def restore_data(self, data): |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
49 |
self._sessions = data |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
50 |
|
0 | 51 |
def current_sessions(self): |
52 |
return self._sessions.values() |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
53 |
|
0 | 54 |
def get_session(self, req, sessionid): |
55 |
"""return existing session for the given session identifier""" |
|
7428
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6848
diff
changeset
|
56 |
if sessionid not in self._sessions: |
0 | 57 |
raise InvalidSession() |
58 |
session = self._sessions[sessionid] |
|
9071
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
59 |
try: |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
60 |
user = self.authmanager.validate_session(req, session) |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
61 |
except InvalidSession: |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
62 |
self.close_session(session) |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
63 |
raise |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
64 |
if session.closed: |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
65 |
self.close_session(session) |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
66 |
raise InvalidSession() |
0 | 67 |
return session |
68 |
||
9017
aa709bc6b6c1
[application/connect] simplify connection logic
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9015
diff
changeset
|
69 |
def open_session(self, req): |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
70 |
"""open and return a new session for the given request. The session is |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
71 |
also bound to the request. |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
72 |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
73 |
raise :exc:`cubicweb.AuthenticationError` if authentication failed |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5080
diff
changeset
|
74 |
(no authentication info found or wrong user/password) |
0 | 75 |
""" |
9071
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
76 |
session, login = self.authmanager.authenticate(req) |
0 | 77 |
self._sessions[session.sessionid] = session |
9573
99166335a8e0
Move setting session.mtime from dbapi to web session manager
Julien Cristau <julien.cristau@logilab.fr>
parents:
9543
diff
changeset
|
78 |
session.mtime = time() |
0 | 79 |
return session |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1133
diff
changeset
|
80 |
|
9018
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
81 |
def postlogin(self, req, session): |
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
82 |
"""postlogin: the user have been related to a session |
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
83 |
|
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
84 |
Both req and session are passed to this function because actually |
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
85 |
linking the request to the session is not yet done and not the |
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
86 |
responsability of this object. |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
87 |
""" |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
88 |
# Update last connection date |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
89 |
# XXX: this should be in a post login hook in the repository, but there |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
90 |
# we can't differentiate actual login of automatic session |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
91 |
# reopening. Is it actually a problem? |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
92 |
if 'last_login_time' in req.vreg.schema: |
9018
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
93 |
self._update_last_login_time(session) |
9543 | 94 |
req.set_message(req._('welcome %s!') % session.user.login) |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
95 |
|
9018
9deb024a96c0
[session-handler] use session directly to update last usage
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9017
diff
changeset
|
96 |
def _update_last_login_time(self, session): |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
97 |
# XXX should properly detect missing permission / non writeable source |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
98 |
# and avoid "except (RepositoryError, Unauthorized)" below |
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
99 |
try: |
9071
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
100 |
cnx = repoapi.ClientConnection(session) |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
101 |
with cnx: |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
102 |
cnx.execute('SET X last_login_time NOW WHERE X eid %(x)s', |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
103 |
{'x' : session.user.eid}) |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
104 |
cnx.commit() |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
105 |
except (RepositoryError, Unauthorized): |
9071
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
106 |
pass |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6279
diff
changeset
|
107 |
|
0 | 108 |
def close_session(self, session): |
109 |
"""close session on logout or on invalid session detected (expired out, |
|
110 |
corrupted...) |
|
111 |
""" |
|
5799
93f4b4d2fecf
use sessionid in log message
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
5426
diff
changeset
|
112 |
self.info('closing http session %s' % session.sessionid) |
9071
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
113 |
self._sessions.pop(session.sessionid, None) |
46885bfa4150
Use new repoapi for the web stack
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
9019
diff
changeset
|
114 |
if not session.closed: |
9624
a42fae4cd45a
[web/sessions] use session.sessionid instead of deprecated session.id
Julien Cristau <julien.cristau@logilab.fr>
parents:
9573
diff
changeset
|
115 |
session.repo.close(session.sessionid) |