1 """web session component: by dfault the session is actually the db connection

     2 object :/

     3 

     4 :organization: Logilab

     5 :copyright: 2001-2008 LOGILAB S.A. (Paris, FRANCE), all rights reserved.

     6 :contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr

     7 """

     8 __docformat__ = "restructuredtext en"

     9 

    10 from cubicweb.web import ExplicitLogin, InvalidSession

    11 from cubicweb.web.application import AbstractSessionManager

    12 

    13 

    14 class InMemoryRepositorySessionManager(AbstractSessionManager):

    15     """manage session data associated to a session identifier"""

    16     

    17     def __init__(self):

    18         AbstractSessionManager.__init__(self)

    19         # XXX require a RepositoryAuthenticationManager which violates

    20         #     authenticate interface by returning a session instead of a user

    21         #assert isinstance(self.authmanager, RepositoryAuthenticationManager)

    22         self._sessions = {}

    23 

    24     def current_sessions(self):

    25         return self._sessions.values()

    26     

    27     def get_session(self, req, sessionid):

    28         """return existing session for the given session identifier"""

    29         if not sessionid in self._sessions:

    30             raise InvalidSession()

    31         session = self._sessions[sessionid]

    32         if self.has_expired(session):

    33             self.close_session(session)

    34             raise InvalidSession()

    35         # give an opportunity to auth manager to hijack the session

    36         # (necessary with the RepositoryAuthenticationManager in case

    37         #  the connection to the repository has expired)

    38         try:

    39             session = self.authmanager.validate_session(req, session)

    40             # necessary in case session has been hijacked

    41             self._sessions[session.sessionid] = session

    42         except InvalidSession:

    43             # invalid session

    44             del self._sessions[sessionid]

    45             raise

    46         return session

    47 

    48     def open_session(self, req):

    49         """open and return a new session for the given request

    50         

    51         :raise ExplicitLogin: if authentication is required

    52         """

    53         session = self.authmanager.authenticate(req)

    54         self._sessions[session.sessionid] = session

    55         return session

    56     

    57     def close_session(self, session):

    58         """close session on logout or on invalid session detected (expired out,

    59         corrupted...)

    60         """

    61         self.info('closing http session %s' % session)

    62         del self._sessions[session.sessionid]

    63         try:

    64             session.close()

    65         except:

    66             # already closed, may occurs if the repository session expired but

    67             # not the web session

    68             pass

    69