Christophe de Vienne <christophe@unlish.com> [Sat, 03 Jan 2015 00:14:06 +0100] rev 11531
[auth] Fix the config option name in the warning message
Aurelien Campeas <aurelien.campeas@logilab.fr> [Tue, 02 Dec 2014 15:21:29 +0100] rev 11530
session -> cnx
Christophe de Vienne <christophe@unlish.com> [Mon, 08 Dec 2014 20:38:32 +0100] rev 11529
Added tag pyramid_cubicweb-debian-version-0.1.3-1, pyramid_cubicweb-version-0.1.3 for changeset 0a7769e583c2
Christophe de Vienne <christophe@unlish.com> [Mon, 08 Dec 2014 20:25:31 +0100] rev 11528
Set version 0.1.3
Christophe de Vienne <christophe@unlish.com> [Mon, 08 Dec 2014 20:21:55 +0100] rev 11527
Cookie 'max_age' must be a integer, not a string.
If not, the value is used verbatim for the 'expires' of the cookie, which is
invalid.
Closes #4731764.
Christophe de Vienne <christophe@unlish.com> [Sat, 15 Nov 2014 21:07:25 +0100] rev 11526
Added tag pyramid_cubicweb-version-0.1.2, pyramid_cubicweb-debian-version-0.1.2-1 for changeset 5eb4e27e9998
Christophe de Vienne <christophe@unlish.com> [Sat, 15 Nov 2014 20:26:15 +0100] rev 11525
Update debian changelog
Christophe de Vienne <christophe@unlish.com> [Sat, 08 Nov 2014 23:07:20 +0100] rev 11524
Don't rollback if exception is HTTPSuccessful or HTTPRedirection
In the request finishing, the 'cleanup' callback set by _cw_cnx
automatically commit the transaction except is an exception is set
on the request.
Problem is, redirections and successul http return code can raise
exceptions.
This patch detects such exceptions and avoid rolling back the transaction.
Closes #4566482
Christophe de Vienne <christophe@unlish.com> [Thu, 06 Nov 2014 22:26:16 +0100] rev 11523
Set version to 0.1.2
Christophe de Vienne <christophe@unlish.com> [Thu, 06 Nov 2014 22:08:57 +0100] rev 11522
Provides a full wsgi cubicweb application builder
Christophe de Vienne <christophe@unlish.com> [Sun, 02 Nov 2014 23:36:22 +0100] rev 11521
Added tag pyramid_cubicweb-version-0.1.1, pyramid_cubicweb-debian-0.1.1-1 for changeset 9f3b9e610c3d
Christophe de Vienne <christophe@unlish.com> [Sun, 02 Nov 2014 23:31:34 +0100] rev 11520
Set version 0.1.1
Christophe de Vienne <christophe@unlish.com> [Sun, 02 Nov 2014 22:54:24 +0100] rev 11519
[auth] Make last_login_time updated.
The update is done when the user logs in, then every time the authentication is
reissued.
Closes #4549891
Christophe de Vienne <christophe@unlish.com> [Thu, 23 Oct 2014 16:29:44 +0200] rev 11518
Added tag pyramid_cubicweb-version-0.1.0, pyramid_cubicweb-debian-version-0.1.0-1 for changeset 3d60138100d6
Christophe de Vienne <christophe@unlish.com> [Thu, 23 Oct 2014 16:15:58 +0200] rev 11517
Add a description to the debian package
Christophe de Vienne <christophe@unlish.com> [Thu, 23 Oct 2014 15:41:43 +0200] rev 11516
Set version to 0.1.0
Julien Cristau <julien.cristau@logilab.fr> [Mon, 06 Oct 2014 10:32:38 +0200] rev 11515
Initial debian packaging
missing at least a long description and wsgicors dependency.
Christophe de Vienne <christophe@unlish.com> [Wed, 22 Oct 2014 16:15:54 +0200] rev 11514
Move PyramidCWTest to pyramid_cubicweb.tests
Christophe de Vienne <christophe@unlish.com> [Mon, 22 Sep 2014 12:15:31 +0200] rev 11513
Optimise repo_connect by skipping authenticate_user
The authentication being handled by pyramid itself, going through the
authentication stack to recreate the temporary session at each request is very
costly.
On my desktop, for a mostly static front page, the total time for delivering
the page drops from 100ms to 47ms.
Christophe de Vienne <christophe@unlish.com> [Mon, 22 Sep 2014 09:40:43 +0200] rev 11512
Use lightweight sessions
Provides a lightweight version of repo.connect() that does not keep track of
opened sessions.
The speed gain on a mostly static front page is about 5%
Warning ! This means that, for now, the "session_open" and "session_close"
hooks are NOT called anymore.
Christophe de Vienne <christophe@unlish.com> [Fri, 19 Sep 2014 19:17:50 +0200] rev 11511
Use 'wsgicors' for CORS handling.
The CW CORS handling (in web/cors.py) is only able to work on cubicweb requests.
When a request is not handled by bwcompat, we need a proper solution.
The `wsgicors` library provides what we need as a wsgi middleware.
Christophe de Vienne <christophe@unlish.com> [Thu, 18 Sep 2014 17:18:09 +0200] rev 11510
Add requirements
Christophe de Vienne <christophe@unlish.com> [Thu, 18 Sep 2014 16:51:55 +0200] rev 11509
Handle '__setauthcookie'
'__setauthcookie' is a form parameter added by the 'rememberme' cube.
If present and equals to '1', the cookie max_age will be set to 7 days instead
of being a session cookie.
To make sure the auth cookie is renewed, the reissue_time is set to 1h.
Christophe de Vienne <christophe@unlish.com> [Thu, 18 Sep 2014 15:07:02 +0200] rev 11508
Fix POST handling.
The issues where revealed by the unittests, which are ported from
the cubicweb wsgi tests.
Christophe de Vienne <christophe@unlish.com> [Thu, 18 Sep 2014 11:43:45 +0200] rev 11507
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com> [Fri, 19 Sep 2014 14:26:55 +0200] rev 11506
DB-saved session data
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 02 Sep 2014 20:50:33 +0200] rev 11505
Handle properly the '/https/*' urls
CW uses a url prefix to detect https behing a reverse-proxy.
A more proper way to do that is documented here in the waitress documentation
(waitress is the default pyramid wsgi server):
https://waitress.readthedocs.org/en/latest/#using-behind-a-reverse-proxy
A later version should implement this, or use waitress in the 'pyramid'
command.
Related to #4291181
Christophe de Vienne <christophe@unlish.com> [Tue, 02 Sep 2014 20:49:57 +0200] rev 11504
Correctly pass the multiple parameters to the cubicweb request
When naively converted to a dict, the webob MultiDict will not set the multiple
parameters (a same name with several values) in a way CW can understand.
MultiDict.mixed() however, does exactly what CW needs: list values for keys
with multiple values, and single value for the others.
Related to #4291181
Christophe de Vienne <christophe@unlish.com> [Thu, 28 Aug 2014 15:42:51 +0200] rev 11503
Add a wsgi application factory suitable for wsgi servers.
This factory can generate a wsgi application for a cubicweb instance.
It reads the instance name from the CW_INSTANCE environment variable, and
activates the debugmode if CW_DEBUG is defined in environment.
It is usable by uwsgi as the 'module' parameter :
CW_INSTANCE=test uwsgi --plugins python,http --http 0.0.0.0:8080 --module pyramid_cubicweb:wsgi_application()
Christophe de Vienne <christophe@unlish.com> [Wed, 27 Aug 2014 19:26:44 +0200] rev 11502
If any cube has a 'includeme' attribute, call config.include on it
Related to #4291181
Christophe de Vienne <christophe@unlish.com> [Thu, 21 Aug 2014 21:55:58 +0200] rev 11501
Add a make_cubicweb_application function
This function will be used by the 'pyramid' cubicweb-ctl command.
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Thu, 21 Aug 2014 22:26:42 +0200] rev 11500
Fix session closing for cubicweb 3.19
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Thu, 21 Aug 2014 21:43:24 +0200] rev 11499
Convert cubicweb.NotFound to HTTPNotFound
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Wed, 06 Aug 2014 19:06:32 +0200] rev 11498
Use registry['cubicweb.registry'] instead of registry['cubicweb.appli'].vreg because the application may not be present.
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Thu, 21 Aug 2014 22:16:51 +0200] rev 11497
Use a predicate based view selection for handling /login
This will allow easy addition of login handlers from the application or cubes
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Wed, 06 Aug 2014 19:04:25 +0200] rev 11496
Use a tween application instead of a catchall route.
Using a catchall route has some drawbacks. Especially, we have no mean to have
a route that would match only if no other one does AND no view matches either.
Said differently, our default handler cannot be plugged on the route level nor
the view level, because it is has to be activated only if nothing else works in
the pyramid application.
Using a tween application allow to handle requests that raises a HTTPNotFound
error, while having the pyramid error handler still active between our tween
app and the outside world.
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Mon, 04 Aug 2014 15:52:04 +0200] rev 11495
Document the view problem hypothesis.
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Mon, 04 Aug 2014 13:06:32 +0200] rev 11494
If the postlogin_path is 'login', redirect to '/' instead
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Mon, 04 Aug 2014 13:04:19 +0200] rev 11493
Put the login view in a separate module.
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Thu, 31 Jul 2014 17:48:32 +0200] rev 11492
Separate into 4 modules
* init_instance: load the cubicweb repository from the
`pyramid_cubicweb.instance` configuration key
* defaults: provides cw-like defaults for the authentication and session
management
* core: make cubicweb use the authentication and session management of
pyramid.
It assumes the application provides the auth policies and session factory,
and that the `cubicweb.*` registry entries are correctly initialised.
This is this only required module or pyramid_cubicweb, the other
ones are optional if the application provides its own versions of what they
do.
* bwcompat: provides a catchall route that delegate the request handling to
an old-fashion cubicweb publisher (ie using url_resolver and controllers).
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 22 Jul 2014 23:46:09 +0200] rev 11491
Update the TODO list
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 22 Jul 2014 23:45:11 +0200] rev 11490
Provide instructions and a requirements list to quickly start the sample
application.
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 15 Jul 2014 18:25:48 +0200] rev 11489
Use the pyramid session object as the cubiweb session.data (needs a patched cw 3.19)
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 15 Jul 2014 18:13:57 +0200] rev 11488
Add comments on parts we want to reconsider later
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 15 Jul 2014 17:37:50 +0200] rev 11487
Skip core_handle, add a context manager to handle cubicweb errors
The context manager is also used to catch errors in render_view.
It handles the 'external' errors raised by cubicweb code.
The more internal errors, the one that should occur only in url resolving and
cubicweb controllers, are handled directly in CubicWebPyramidHandler.
ValidationError is handled by CubicWebPyramidHandler for now, but should
probably be handled by cw_to_pyramid
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 15 Jul 2014 15:30:49 +0200] rev 11486
Documents dependencies on a ubuntu system
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Tue, 15 Jul 2014 14:25:15 +0200] rev 11485
Use short-lived cubicweb sessions to let pyramid actually handle the web sessions
Related to #4291173
Christophe de Vienne <christophe@unlish.com> [Wed, 09 Jul 2014 17:14:32 +0200] rev 11484
Isolate the default handler and extend its role
The handler now does the job of CubicWebPublisher.main_handle_request() and calls
CubicWebPublisher.core_handle().
Instead of using config.add_notfound_view, a catchall route is defined and the
handler plugged to it.
Related to #4291173