pyramid_cubicweb/defaults.py
changeset 11533 4ced3782b90f
parent 11531 16cb60d6424d
child 11537 caf268942436
11532:6a1d0aa3ac85 11533:4ced3782b90f
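--- a/pyramid_cubicweb/defaults.py
+++ b/pyramid_cubicweb/defaults.py
@@ -1,65 +1,4 @@
-import datetime
-import logging
-import warnings
-
-from pyramid.authentication import AuthTktAuthenticationPolicy
-from pyramid.authorization import ACLAuthorizationPolicy
-
-from pyramid_cubicweb.core import get_principals
-
-log = logging.getLogger(__name__)
-
-
-class CubicWebAuthTktAuthenticationPolicy(AuthTktAuthenticationPolicy):
-    """An authentication policy that update the user last_login_time.
-
-    The update is done in the 'remember' method, which is called on login,
-    and each time the authentication ticket is reissued.
-
-    Meaning, the last_login_time is updated reissue_time seconds (maximum)
-    before the last request by the user.
-    """
-
-    def remember(self, request, principal, **kw):
-        headers = super(CubicWebAuthTktAuthenticationPolicy, self).remember(
-            request, principal, **kw)
-        try:
-            repo = request.registry['cubicweb.repository']
-            with repo.internal_cnx() as cnx:
-                cnx.execute(
-                    "SET U last_login_time %(now)s WHERE U eid %(user)s", {
-                        'now': datetime.datetime.now(),
-                        'user': principal})
-                cnx.commit()
-        except:
-            log.exception("Failed to update last_login_time")
-        return headers
-
-
 def includeme(config):
     config.include('pyramid_cubicweb.session')
-
+    config.include('pyramid_cubicweb.auth')
-    secret = config.registry['cubicweb.config']['pyramid-auth-secret']
-
-    if not secret:
-        secret = 'notsosecret'
-        warnings.warn('''
-
-            !! WARNING !! !! WARNING !!
-
-            The authentication cookies are signed with a static secret key.
-            To put your own secret key, edit your all-in-one.conf file
-            and set the 'pyramid-auth-secret' key.
-
-            YOU SHOULD STOP THIS INSTANCE unless your really know what you
-            are doing !!
-
-        ''')
-
-    config.set_authentication_policy(
-        CubicWebAuthTktAuthenticationPolicy(
-            secret, callback=get_principals, hashalg='sha512',
-            reissue_time=3600))
-    config.set_authorization_policy(ACLAuthorizationPolicy())
-
     config.include('pyramid_cubicweb.login')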
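Review bot: The new `includeme` has no docstring, and with the policy setup gone from this file a reader can no longer tell from defaults.py where the authentication and authorization policies are installed. Something like `"""Include the default session, auth and login configuration."""` would restore that pointer, ideally naming the module that now owns the ticket secret. The removed lines fell back to the fixed key `'notsosecret'` with only a `warnings.warn` when 'pyramid-auth-secret' was empty. pyramid_cubicweb.auth is not shown on this page, so it is worth confirming whether that fallback moved there along with the policy. If it did, consider refusing to start rather than signing auth cookies with a publicly known key.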