Update debian changelog

Don't rollback if exception is HTTPSuccessful or HTTPRedirection In the request finishing, the 'cleanup' callback set by _cw_cnx automatically commit the transaction except is an exception is set on the request. Problem is, redirections and successul http return code can raise exceptions. This patch detects such exceptions and avoid rolling back the transaction. Closes #4566482

Set version to 0.1.2

Provides a full wsgi cubicweb application builder

Added tag pyramid_cubicweb-version-0.1.1, pyramid_cubicweb-debian-0.1.1-1 for changeset 9f3b9e610c3d

Set version 0.1.1

[auth] Make last_login_time updated. The update is done when the user logs in, then every time the authentication is reissued. Closes #4549891

Added tag pyramid_cubicweb-version-0.1.0, pyramid_cubicweb-debian-version-0.1.0-1 for changeset 3d60138100d6

Add a description to the debian package

Set version to 0.1.0

Initial debian packaging missing at least a long description and wsgicors dependency.

Move PyramidCWTest to pyramid_cubicweb.tests

Optimise repo_connect by skipping authenticate_user The authentication being handled by pyramid itself, going through the authentication stack to recreate the temporary session at each request is very costly. On my desktop, for a mostly static front page, the total time for delivering the page drops from 100ms to 47ms.

Use lightweight sessions Provides a lightweight version of repo.connect() that does not keep track of opened sessions. The speed gain on a mostly static front page is about 5% Warning ! This means that, for now, the "session_open" and "session_close" hooks are NOT called anymore.

Use 'wsgicors' for CORS handling. The CW CORS handling (in web/cors.py) is only able to work on cubicweb requests. When a request is not handled by bwcompat, we need a proper solution. The `wsgicors` library provides what we need as a wsgi middleware.

Add requirements

Handle '__setauthcookie' '__setauthcookie' is a form parameter added by the 'rememberme' cube. If present and equals to '1', the cookie max_age will be set to 7 days instead of being a session cookie. To make sure the auth cookie is renewed, the reissue_time is set to 1h.

Fix POST handling. The issues where revealed by the unittests, which are ported from the cubicweb wsgi tests.

Use AuthTktAuthenticationPolicy

DB-saved session data Related to #4291173

Handle properly the '/https/*' urls CW uses a url prefix to detect https behing a reverse-proxy. A more proper way to do that is documented here in the waitress documentation (waitress is the default pyramid wsgi server): https://waitress.readthedocs.org/en/latest/#using-behind-a-reverse-proxy A later version should implement this, or use waitress in the 'pyramid' command. Related to #4291181

Correctly pass the multiple parameters to the cubicweb request When naively converted to a dict, the webob MultiDict will not set the multiple parameters (a same name with several values) in a way CW can understand. MultiDict.mixed() however, does exactly what CW needs: list values for keys with multiple values, and single value for the others. Related to #4291181

Add a wsgi application factory suitable for wsgi servers. This factory can generate a wsgi application for a cubicweb instance. It reads the instance name from the CW_INSTANCE environment variable, and activates the debugmode if CW_DEBUG is defined in environment. It is usable by uwsgi as the 'module' parameter : CW_INSTANCE=test uwsgi --plugins python,http --http 0.0.0.0:8080 --module pyramid_cubicweb:wsgi_application()

If any cube has a 'includeme' attribute, call config.include on it Related to #4291181

Add a make_cubicweb_application function This function will be used by the 'pyramid' cubicweb-ctl command. Related to #4291173

Fix session closing for cubicweb 3.19 Related to #4291173

Convert cubicweb.NotFound to HTTPNotFound Related to #4291173

Use registry['cubicweb.registry'] instead of registry['cubicweb.appli'].vreg because the application may not be present. Related to #4291173

Use a predicate based view selection for handling /login This will allow easy addition of login handlers from the application or cubes Related to #4291173

Use a tween application instead of a catchall route. Using a catchall route has some drawbacks. Especially, we have no mean to have a route that would match only if no other one does AND no view matches either. Said differently, our default handler cannot be plugged on the route level nor the view level, because it is has to be activated only if nothing else works in the pyramid application. Using a tween application allow to handle requests that raises a HTTPNotFound error, while having the pyramid error handler still active between our tween app and the outside world. Related to #4291173