# HG changeset patch # User Laurent Peuch # Date 1557341629 -7200 # Node ID fa292e905edc2387da88bdb87e89c3e42e035550 # Parent 6b08ba99b40e8f2bd10f4d9d2eeef6874db67126 [pyramid/enh] generate pyramid.ini "create" and on "pyramid" command if needed diff -r 6b08ba99b40e -r fa292e905edc cubicweb/pyramid/pyramid.ini.tmpl --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/cubicweb/pyramid/pyramid.ini.tmpl Wed May 08 20:53:49 2019 +0200 @@ -0,0 +1,7 @@ +[main] + +cubicweb.session.secret = %(secret_1)s +cubicweb.auth.authtkt.session.secret = %(secret_2)s +cubicweb.auth.authtkt.persistent.secret = %(secret_3)s +cubicweb.auth.authtkt.session.secure = no +cubicweb.auth.authtkt.persistent.secure = no diff -r 6b08ba99b40e -r fa292e905edc cubicweb/pyramid/pyramidctl.py --- a/cubicweb/pyramid/pyramidctl.py Wed May 08 21:00:45 2019 +0200 +++ b/cubicweb/pyramid/pyramidctl.py Wed May 08 20:53:49 2019 +0200 @@ -39,8 +39,10 @@ from cubicweb.cwconfig import CubicWebConfiguration as cwcfg from cubicweb.cwctl import CWCTL, InstanceCommand, init_cmdline_log_threshold from cubicweb.pyramid import wsgi_application_from_cwconfig +from cubicweb.pyramid.config import get_random_secret_key from cubicweb.server import serverctl, set_debug from cubicweb.web.webctl import WebCreateHandler +from cubicweb.toolsutils import fill_templated_file import waitress @@ -50,6 +52,18 @@ LOG_LEVELS = ('debug', 'info', 'warning', 'error') +def _generate_pyramid_ini_file(pyramid_ini_path): + """Write a 'development.ini' file into apphome.""" + template_fpath = os.path.join(os.path.dirname(__file__), 'pyramid.ini.tmpl') + target_fpath = os.path.join(pyramid_ini_path) + context = { + 'secret_1': get_random_secret_key(), + 'secret_2': get_random_secret_key(), + 'secret_3': get_random_secret_key(), + } + fill_templated_file(template_fpath, target_fpath, context) + + class PyramidCreateHandler(serverctl.RepositoryCreateHandler, WebCreateHandler): cfgname = 'pyramid' @@ -72,7 +86,7 @@ """bootstrap this configuration""" serverctl.RepositoryCreateHandler.bootstrap(self, cubes, automatic, inputlevel) WebCreateHandler.bootstrap(self, cubes, automatic, inputlevel) - # TODO: write pyramid.ini file + _generate_pyramid_ini_file(os.path.join(self.config.apphome, "pyramid.ini")) class PyramidStartHandler(InstanceCommand): @@ -332,6 +346,10 @@ filelist_path = os.path.join(cwconfig.apphome, '.pyramid-reload-files.list') + pyramid_ini_path = os.path.join(cwconfig.apphome, "pyramid.ini") + if not os.path.exists(pyramid_ini_path): + _generate_pyramid_ini_file(pyramid_ini_path) + if autoreload and not os.environ.get(self._reloader_environ_key): return self.restart_with_reloader(filelist_path) diff -r 6b08ba99b40e -r fa292e905edc cubicweb/pyramid/session.py --- a/cubicweb/pyramid/session.py Wed May 08 21:00:45 2019 +0200 +++ b/cubicweb/pyramid/session.py Wed May 08 20:53:49 2019 +0200 @@ -261,23 +261,6 @@ See also :ref:`defaults_module` """ - settings = config.registry.settings - try: - secret = settings['cubicweb.session.secret'] - except KeyError: - secret = 'notsosecret' - if config.registry['cubicweb.config'].mode != 'test': - warnings.warn(''' - - !! WARNING !! !! WARNING !! - - The session cookies are signed with a static secret key. - To put your own secret key, edit your pyramid.ini file - and set the 'cubicweb.session.secret' key. - - YOU SHOULD STOP THIS INSTANCE unless your really know what you - are doing !! - - ''') + secret = config.registry.settings['cubicweb.session.secret'] session_factory = CWSessionFactory(secret) config.set_session_factory(session_factory)