|
1 import datetime |
|
2 import logging |
1 import warnings |
3 import warnings |
2 |
4 |
3 from pyramid.authentication import AuthTktAuthenticationPolicy |
5 from pyramid.authentication import AuthTktAuthenticationPolicy |
4 from pyramid.authorization import ACLAuthorizationPolicy |
6 from pyramid.authorization import ACLAuthorizationPolicy |
5 |
7 |
6 from pyramid_cubicweb.core import get_principals |
8 from pyramid_cubicweb.core import get_principals |
|
9 |
|
10 log = logging.getLogger(__name__) |
|
11 |
|
12 |
|
13 class CubicWebAuthTktAuthenticationPolicy(AuthTktAuthenticationPolicy): |
|
14 """An authentication policy that update the user last_login_time. |
|
15 |
|
16 The update is done in the 'remember' method, which is called on login, |
|
17 and each time the authentication ticket is reissued. |
|
18 |
|
19 Meaning, the last_login_time is updated reissue_time seconds (maximum) |
|
20 before the last request by the user. |
|
21 """ |
|
22 |
|
23 def remember(self, request, principal, **kw): |
|
24 headers = super(CubicWebAuthTktAuthenticationPolicy, self).remember( |
|
25 request, principal, **kw) |
|
26 try: |
|
27 repo = request.registry['cubicweb.repository'] |
|
28 with repo.internal_session() as cnx: |
|
29 cnx.execute( |
|
30 "SET U last_login_time %(now)s WHERE U eid %(user)s", { |
|
31 'now': datetime.datetime.now(), |
|
32 'user': principal}) |
|
33 cnx.commit() |
|
34 except: |
|
35 log.exception("Failed to update last_login_time") |
|
36 return headers |
7 |
37 |
8 |
38 |
9 def includeme(config): |
39 def includeme(config): |
10 config.include('pyramid_cubicweb.session') |
40 config.include('pyramid_cubicweb.session') |
11 |
41 |
25 are doing !! |
55 are doing !! |
26 |
56 |
27 ''') |
57 ''') |
28 |
58 |
29 config.set_authentication_policy( |
59 config.set_authentication_policy( |
30 AuthTktAuthenticationPolicy( |
60 CubicWebAuthTktAuthenticationPolicy( |
31 secret, callback=get_principals, hashalg='sha512', |
61 secret, callback=get_principals, hashalg='sha512', |
32 reissue_time=3600)) |
62 reissue_time=3600)) |
33 config.set_authorization_policy(ACLAuthorizationPolicy()) |
63 config.set_authorization_policy(ACLAuthorizationPolicy()) |
34 |
64 |
35 config.include('pyramid_cubicweb.login') |
65 config.include('pyramid_cubicweb.login') |