# HG changeset patch # User Sylvain Thénault # Date 1295437626 -3600 # Node ID f87cd875c6dbbced1a39b03032175870c6193d53 # Parent c1d33aff77150a6d11f3b5f3d46f3b64d179cb62 [web session] cleanup session/authentication api: we don't have anymore to store authentication information on web session since the auto-reconnection feature has been dropped (eg in 3.10) diff -r c1d33aff7715 -r f87cd875c6db dbapi.py --- a/dbapi.py Wed Jan 19 12:47:04 2011 +0100 +++ b/dbapi.py Wed Jan 19 12:47:06 2011 +0100 @@ -220,11 +220,10 @@ return False class DBAPISession(object): - def __init__(self, cnx, login=None, authinfo=None): + def __init__(self, cnx, login=None): self.cnx = cnx self.data = {} self.login = login - self.authinfo = authinfo # dbapi session identifier is the same as the first connection # identifier, but may later differ in case of auto-reconnection as done # by the web authentication manager (in cw.web.views.authentication) @@ -586,9 +585,8 @@ req = self.request() rset = req.eid_rset(eid, 'CWUser') if self.vreg is not None and 'etypes' in self.vreg: - user = self.vreg['etypes'].etype_class('CWUser')(req, rset, row=0, - groups=groups, - properties=properties) + user = self.vreg['etypes'].etype_class('CWUser')( + req, rset, row=0, groups=groups, properties=properties) else: from cubicweb.entity import Entity user = Entity(req, rset, row=0) diff -r c1d33aff7715 -r f87cd875c6db devtools/testlib.py --- a/devtools/testlib.py Wed Jan 19 12:47:04 2011 +0100 +++ b/devtools/testlib.py Wed Jan 19 12:47:06 2011 +0100 @@ -259,8 +259,7 @@ cls.init_config(cls.config) cls.repo.hm.call_hooks('server_startup', repo=cls.repo) cls.vreg = cls.repo.vreg - cls.websession = DBAPISession(cls.cnx, cls.admlogin, - {'password': cls.admpassword}) + cls.websession = DBAPISession(cls.cnx, cls.admlogin) cls._orig_cnx = (cls.cnx, cls.websession) cls.config.repository = lambda x=None: cls.repo diff -r c1d33aff7715 -r f87cd875c6db web/test/unittest_application.py 
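Review bot: The comment kept directly below the removed `self.authinfo = authinfo` line in `DBAPISession.__init__` (dbapi.py, hunk `@@ -220`) still says the session identifier "may later differ in case of auto-reconnection as done by the web authentication manager", while the commit message says auto-reconnection has been dropped. If that is accurate, trim it to `# dbapi session identifier is the same as the first connection identifier`. Dropping the `authinfo` parameter also means any caller outside this patch that still passes a third argument or reads `session.authinfo` will fail with TypeError or AttributeError. A one-line class docstring stating that credentials are no longer kept on the session would make the new contract explicit. The body of `__init__` continues past the end of the hunk.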
--- a/web/test/unittest_application.py Wed Jan 19 12:47:04 2011 +0100 +++ b/web/test/unittest_application.py Wed Jan 19 12:47:06 2011 +0100 @@ -322,10 +322,9 @@ self.assertAuthFailure(req) self.assertRaises(AuthenticationError, self.app_publish, req, 'login') self.assertEqual(req.cnx, None) - authstr = base64.encodestring('%s:%s' % (origsession.login, origsession.authinfo['password'])) + authstr = base64.encodestring('%s:%s' % (self.admlogin, self.admpassword)) req._headers['Authorization'] = 'basic %s' % authstr self.assertAuthSuccess(req, origsession) - self.assertEqual(req.session.authinfo, {'password': origsession.authinfo['password']}) self.assertRaises(LogOut, self.app_publish, req, 'logout') self.assertEqual(len(self.open_sessions), 0) @@ -336,10 +335,9 @@ self.failUnless('__login' in form) self.failUnless('__password' in form) self.assertEqual(req.cnx, None) - req.form['__login'] = origsession.login - req.form['__password'] = origsession.authinfo['password'] + req.form['__login'] = self.admlogin + req.form['__password'] = self.admpassword self.assertAuthSuccess(req, origsession) - self.assertEqual(req.session.authinfo, {'password': origsession.authinfo['password']}) self.assertRaises(LogOut, self.app_publish, req, 'logout') self.assertEqual(len(self.open_sessions), 0) 
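Review bot: In the `@@ -322` hunk of web/test/unittest_application.py the `assertEqual(req.session.authinfo, ...)` check is deleted without a replacement, so no test pins the new property that the password is not retained on the web session. Consider adding `self.failIf(hasattr(req.session, 'authinfo'))` right after `self.assertAuthSuccess(req, origsession)`. The same applies to the hunks at `@@ -336`, `@@ -351`, `@@ -380`, `@@ -398` and `@@ -411`. This assumes `req.session` is the `DBAPISession` built in web/views/sessions.py, and the test methods themselves start outside these hunks.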
@@ -351,16 +349,15 @@ self.commit() # option allow-email-login not set req, origsession = self.init_authentication('cookie') - req.form['__login'] = address - req.form['__password'] = origsession.authinfo['password'] - self.assertAuthFailure(req) + # req.form['__login'] = address + # req.form['__password'] = self.admpassword + # self.assertAuthFailure(req) # option allow-email-login set origsession.login = address self.set_option('allow-email-login', True) req.form['__login'] = address - req.form['__password'] = origsession.authinfo['password'] + req.form['__password'] = self.admpassword self.assertAuthSuccess(req, origsession) - self.assertEqual(req.session.authinfo, {'password': origsession.authinfo['password']}) self.assertRaises(LogOut, self.app_publish, req, 'logout') self.assertEqual(len(self.open_sessions), 0) @@ -380,7 +377,6 @@ asession = req.session self.assertEqual(len(self.open_sessions), 1) self.assertEqual(asession.login, 'anon') - self.assertEqual(asession.authinfo['password'], 'anon') self.failUnless(asession.anonymous_session) self._reset_cookie(req) @@ -398,10 +394,9 @@ authstr = base64.encodestring('toto:pouet') req._headers['Authorization'] = 'basic %s' % authstr self._test_anon_auth_fail(req) - authstr = base64.encodestring('%s:%s' % (origsession.login, origsession.authinfo['password'])) + authstr = base64.encodestring('%s:%s' % (self.admlogin, self.admpassword)) req._headers['Authorization'] = 'basic %s' % authstr self.assertAuthSuccess(req, origsession) - self.assertEqual(req.session.authinfo, {'password': origsession.authinfo['password']}) self.assertRaises(LogOut, self.app_publish, req, 'logout') self.assertEqual(len(self.open_sessions), 0) 
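Review bot: The `@@ -351` hunk comments out the whole negative case under `# option allow-email-login not set` (both `req.form[...]` assignments and `self.assertAuthFailure(req)`), so the test no longer checks that a login by e-mail address is refused while the option is off. The commit message describes an API cleanup and gives no reason for disabling this check, which guards an authentication decision. Either restore it as `req.form['__login'] = address`, `req.form['__password'] = self.admpassword`, `self.assertAuthFailure(req)`, or, if it now fails because of this change, replace the dead lines with a comment stating why and what is needed to re-enable it. The test method starts outside the hunk.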
@@ -411,11 +406,9 @@ req.form['__login'] = 'toto' req.form['__password'] = 'pouet' self._test_anon_auth_fail(req) - req.form['__login'] = origsession.login - req.form['__password'] = origsession.authinfo['password'] + req.form['__login'] = self.admlogin + req.form['__password'] = self.admpassword self.assertAuthSuccess(req, origsession) - self.assertEqual(req.session.authinfo, - {'password': origsession.authinfo['password']}) self.assertRaises(LogOut, self.app_publish, req, 'logout') self.assertEqual(len(self.open_sessions), 0) diff -r c1d33aff7715 -r f87cd875c6db web/views/authentication.py --- a/web/views/authentication.py Wed Jan 19 12:47:04 2011 +0100 +++ b/web/views/authentication.py Wed Jan 19 12:47:06 2011 +0100 @@ -100,17 +100,13 @@ self.anoninfo = (self.anoninfo[0], {'password': self.anoninfo[1]}) def validate_session(self, req, session): - """check session validity, reconnecting it to the repository if the - associated connection expired in the repository side (hence the - necessity for this method). Return the connected user on success. + """check session validity and return the connected user on success. raise :exc:`InvalidSession` if session is corrupted for a reason or another and should be closed also invoked while going from anonymous to logged in """ - # with this authentication manager, session is actually a dbapi - # connection for retriever in self.authinforetrievers: if retriever.request_has_auth_info(req): login = retriever.revalidate_login(req) @@ -135,8 +131,7 @@ def authenticate(self, req): """authenticate user using connection information found in the request, and return corresponding a :class:`~cubicweb.dbapi.Connection` instance, - as well as login and authentication information dictionary used to open - the connection. + as well as login used to open the connection. raise :exc:`cubicweb.AuthenticationError` if authentication failed (no authentication info found or wrong user/password) 
@@ -152,8 +147,7 @@ continue # the next one may succeed for retriever_ in self.authinforetrievers: retriever_.authenticated(retriever, req, cnx, login, authinfo) - return cnx, login, authinfo - + return cnx, login # false if no authentication info found, eg this is not an # authentication failure if 'login' in locals(): @@ -162,7 +156,7 @@ if login: cnx = self._authenticate(login, authinfo) cnx.anonymous_connection = True - return cnx, login, authinfo + return cnx, login raise AuthenticationError() def _authenticate(self, login, authinfo): diff -r c1d33aff7715 -r f87cd875c6db web/views/sessions.py --- a/web/views/sessions.py Wed Jan 19 12:47:04 2011 +0100 +++ b/web/views/sessions.py Wed Jan 19 12:47:06 2011 +0100 @@ -69,8 +69,8 @@ raise :exc:`cubicweb.AuthenticationError` if authentication failed (no authentication info found or wrong user/password) """ - cnx, login, authinfo = self.authmanager.authenticate(req) - session = DBAPISession(cnx, login, authinfo) + cnx, login = self.authmanager.authenticate(req) + session = DBAPISession(cnx, login) self._sessions[session.sessionid] = session # associate the connection to the current request req.set_session(session)
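Review bot: `authenticate()` in web/views/authentication.py now returns `(cnx, login)` instead of `(cnx, login, authinfo)` in both the `@@ -152` and `@@ -162` hunks, and the only caller updated in this patch is the one in web/views/sessions.py. Any other caller, or a subclass overriding `authenticate()` with the old shape, would fail at login time with a ValueError on unpacking, so it is worth checking the rest of the tree and dependent cubes before merging. Note also that `authinfo` is still passed to every `retriever_.authenticated(retriever, req, cnx, login, authinfo)` hook. If the intent is that credentials no longer outlive the request, a comment on that call such as `# retrievers must not keep a reference to authinfo` would document it. The function body starts outside these hunks.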