# HG changeset patch # User Aurelien Campeas # Date 1392306213 -3600 # Node ID 6b109900583b73cdbad7d90847a07df01cfc78ae # Parent 834284af988f6348406996481a544066ef694c88 [web] the AuthenticationManager is no more an appobject It is now explictly instanciated by the session manager. Related to #1381328. diff -r 834284af988f -r 6b109900583b web/views/authentication.py --- a/web/views/authentication.py Fri Dec 05 16:22:02 2014 +0100 +++ b/web/views/authentication.py Thu Feb 13 16:43:33 2014 +0100 @@ -19,12 +19,9 @@ __docformat__ = "restructuredtext en" -from threading import Lock - -from logilab.common.decorators import clear_cache from logilab.common.deprecation import class_renamed -from cubicweb import AuthenticationError, BadConnectionId +from cubicweb import AuthenticationError from cubicweb.view import Component from cubicweb.web import InvalidSession @@ -101,41 +98,11 @@ '("ie" instead of "ei")') -class AbstractAuthenticationManager(Component): - """authenticate user associated to a request and check session validity""" - __abstract__ = True - __regid__ = 'authmanager' - def __init__(self, repo): - self.vreg = repo.vreg - - def validate_session(self, req, session): - """check session validity, reconnecting it to the repository if the - associated connection expired in the repository side (hence the - necessity for this method). - - raise :exc:`InvalidSession` if session is corrupted for a reason or - another and should be closed - """ - raise NotImplementedError() - - def authenticate(self, req): - """authenticate user using connection information found in the request, - and return corresponding a :class:`~cubicweb.dbapi.Connection` instance, - as well as login and authentication information dictionary used to open - the connection. - - raise :exc:`cubicweb.AuthenticationError` if authentication failed - (no authentication info found or wrong user/password) - """ - raise NotImplementedError() - - -class RepositoryAuthenticationManager(AbstractAuthenticationManager): +class RepositoryAuthenticationManager(object): """authenticate user associated to a request and check session validity""" def __init__(self, repo): - super(RepositoryAuthenticationManager, self).__init__(repo) self.repo = repo vreg = repo.vreg self.log_queries = vreg.config['query-log-file'] diff -r 834284af988f -r 6b109900583b web/views/sessions.py --- a/web/views/sessions.py Fri Dec 05 16:22:02 2014 +0100 +++ b/web/views/sessions.py Thu Feb 13 16:43:33 2014 +0100 @@ -23,6 +23,7 @@ from cubicweb import RepositoryError, Unauthorized, BadConnectionId from cubicweb.web import InvalidSession, component +from cubicweb.web.views import authentication class AbstractSessionManager(component.Component): """manage session data associated to a session identifier""" @@ -32,7 +33,7 @@ def __init__(self, repo): vreg = repo.vreg self.session_time = vreg.config['http-session-time'] or None - self.authmanager = vreg['components'].select('authmanager', repo=repo) + self.authmanager = authentication.RepositoryAuthenticationManager(repo) interval = (self.session_time or 0) / 2. if vreg.config.anonymous_user()[0] is not None: self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60